JULY–AUGUST 2019 | V18.4 LOSSPREVENTIONMEDIA.COM
LOSS PREVENTION MAGAZINE THE AUTHORITY ON ALL THINGS ASSET PROTECTION
ANALYTICS IS NOT JUST A NUMBERS GAME IN INVESTIGATIONS LEARNINGS IN THE QUICK-SERVICE RESTAURANT SEGMENT UNRAVELING THE MYSTERY OF THE DARK WEB BIOMETRICS: RETAIL’S BEST KEPT SECRET
TABLE OF CONTENTS 6
15 Analytics Is Not Just a Numbers Game in Investigations
By Jack Trlica
10
RETAIL SPONSORS
12
INTERVIEWING Thought and Gesture: Part 3
By David E. Zulawski, CFI, CFE and Shane G. Sturman, CFI, CPP
24
Talent, relationships still key even as data takes center stage
CASE STUDY The Impact of Implicit Bias in Professional Investigations
By Mike Bowers, CFI
By Garett Seivold, LPM Senior Writer
26
29
CERTIFICATION College-Level Education
Interview with Sarah Torrez, CFI, LPC, Aero OpCo LLC
Learnings in the Quick-Service Restaurant Segment
28
LPM EXCELLENCE LPM Magpie Award: Applauding Excellence
Featuring Kathleen Smith, Safeway, and Bill Titus, Sears Holdings (retired)
Excerpts from interviews with executives from McDonald’s, Dunkin’ Brands, CKE Restaurant Holdings, Papa John’s, and Wendy’s
38
SUPPLY CHAIN Top Global Supply Chain Themes for 2019
By James Lee, LPC, LPM Executive Editor
48
ASK THE EXPERT Things to Consider When Adding GPS to Your Security Arsenal
41
Interview with Mary Pifer, 3SI
Unraveling the Mystery of the Dark Web
50
FUTURE OF LP New Book on the Evolution of Retail Asset Protection
By Tom Meehan, CFI 60
A tool to discover potential threats to retail brands
EVIDENCE-BASED LP Developing Prioritized Protective Strategies
By Read Hayes, PhD, CPP
By Tom Meehan, CFI, LPM Retail Technology Editor
51 Biometrics: Retail’s Best Kept Secret A look at how fingerprint biometrics is applied in retail applications
62
SOLUTIONS SHOWCASE - Detex - Sensormatic
66
LOSSPREVENTIONMEDIA.COM Two Surveys Report US Shrink Increase
67
PRODUCT SHOWCASE
69
CALENDAR
70
PEOPLE ON THE MOVE
72
ADVERTISERS
72
SUBSCRIPTION FORM
73
VENDOR SPONSORS
74
PARTING WORDS I Am on Vacation By Jim Lee, LPC
By Gene Smith, LPC
4
EDITOR’S LETTER From Analytics to QSR and the Dark Web to Biometrics
JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
EBR +
ARTIFICIAL INTELLIGENCE
INTRODUCING
Secure 5 ™
Find 25% more opportunities in 25% less time. Traditional EBR is a thing of the past. Secure 5, built with artificial intelligence, analyzes mountains of data and automatically tells you “what you don’t already know” and “what to focus on next.” Its predictive analytics pinpoint situations with people, places, products, and processes. Prevent loss faster in-store and online, enhance your inventory position, and streamline your business operations. If you are ready to do more with less, you can improve your retail performance with Secure.
+1 888 371 8686
apprissretail.com
EDITOR’S LETTER
From Analytics to QSR and the Dark Web to Biometrics O ur senior writer, Garett Seivold, was assigned to find out how analytics is playing a role in investigations. In his cover article “Analytics Is Not Just a Numbers Game in Investigations,” he spoke with a number of retailers including Home Depot, Best Buy, Designer Brands, Safeway, Bloomingdale’s, and Walmart, as well as law enforcement and technology providers, to see how investigators are using analytics. The in-depth article on page 15 offers some insights derived from the technology but also reinforces that powerful data is not the only requirement for successful investigation. It still requires strong people who have both the investigative talent and the peer and law enforcement relationships to pull everything together. August is when the Restaurant Loss Prevention & Security Association (RLPSA) holds its annual conference. We like to feature an interview with someone from the quick-service restaurant (QSR) segment to highlight what is going on in loss prevention, safety, and risk management. In our article on page 29 titled “Learnings in the Quick-Service Restaurant Segment,” Executive Editor Jim Lee, LPC, looks back at interviews with restaurant executives to pull together different points of view over the years. You’ll get insights from executives at
6
McDonalds, Dunkin’ Brands, Papa John’s, and CKE Restaurants Holdings (Hardee’s and Carl’s Jr.), as well as crisis management learnings from Wendy’s infamous 2007 finger-in-the-chili fraud attempt. Tom Meehan, CFI, is a very busy man. He not only is an executive with ControlTek during the day, but also writes bimonthly columns for the magazine as our retail technology editor and recently published his first book titled Evolution of Retail Asset Protection (see page 50). In this issue he also provided a feature article titled “Unraveling the Mystery of the Dark Web” on page 41. I heard him present on this topic about a year ago and asked him to produce an article. Even if you are not an investigator who can use access to the dark web for uncovering potential threats to your brand, it’s a very interesting discussion that enlightens (pun intended) us with an understanding of the myths and truths about a topic often misunderstood in the popular press. Apparently, some people do other things besides babysit grandkids and gardening when they retire. Gene Smith, LPC, is one of those people. After retiring from the Loss Prevention Foundation two years ago, he remains active in the industry. In this edition of the magazine, he authored an article titled “Biometrics: Retail’s Best Kept
JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
Secret” on page 51. Biometrics is a broad topic encompassing everything from fingerprints to iris scans to facial recognition to DNA. Smith offers an overview of the subject with a focus on how one of the more common biometrics—fingerprint—is being used successfully in different segments of retail. Apart from these four feature articles, don’t overlook our various columns from Wicklander-Zulawski, the LP Foundation, and the Loss Prevention Research Council, as well as the magazine’s Magpie awards featuring two well-known industry executives, Kathleen Smith of Safeway and Bill Titus of Sears Holdings (retired), plus much more. As always, remember that the magazine is provided to our 15,000-plus readers for free because of our advertisers. Not only do we ask that you not skip the ads in the magazine, but also we hope you seek out these prominent solutions providers when you need products and services to include in your asset protection program.
Jack Trlica Managing Editor
IT’S YOUR SPACE. MAKE SURE YOU KNOW WHEN SOMEONE INVADES IT.
SNEAK DETECTION Our tailgate detection solution allows only one authorized person at a time. Its sleek design reduces cost and complexity versus mantraps and other devices, or it can even enhance those solutions. Your access control, made more secure—that’s the Detex effect. DETEX.COM/SNEAK8 · 800.729.3839
EDITORIAL BOARD Charles Bernard Group Vice President, Asset Protection and Comprehensive Loss, Walgreens
John Matas, CFE, CFCI Vice President, Asset Protection, Investigations, Fraud, & ORC, Macy’s
Erik Buttlar Vice President, Asset Protection, Best Buy
Chris McDonald Senior Vice President, Loss Prevention, Compass Group NA
Jim Carr, CFI, CCIP Senior Director, Global Asset Protection, Rent-A-Center
Randy Meadows Senior Vice President, Loss Prevention, Kohl’s
Ray Cloud Senior Vice President, Loss Prevention, Ross Stores
Melissa Mitchell, CFI Director, Asset Protection and Retail Supply Chain, LifeWay Christian Stores
Francis D’Addario, CPP, CFE Emeritus Faculty Member, Strategic Influence and Innovation, Security Executive Council
Richard Peck, LPC Senior Vice President, Loss Prevention The TJX Companies
Charles Delgado, LPC Regional Vice President, Store Operations, Academy Sports Scott Draher, LPC Vice President, Loss Prevention, Safety, and Operations, Lowe’s Scott Glenn, JD, LPC Vice President, Asset Protection, The Home Depot Barry Grant Chief Operating Officer, Photos Unlimited Bill Heine Senior Director, Global Security, Brinker International
Joe Schrauder Vice President, Asset Protection, Walmart Stores Tina Sellers, LPC Vice President, Loss Prevention, Family Dollar Hank Siemers, CFI Vice President, Global Retail Security, Tiffany & Co. Quinby Squire Vice President, Asset Analytics and Insights, CVS Health Mark Stinde, MBA, LPC Senior Vice President, Asset Protection, JCPenney
Frank Johns, LPC Chairman, The Loss Prevention Foundation
Paul Stone, CFE, LPC VP Security, Goodwill Industries of SE Wisconsin
Mike Lamb, LPC Vice President, Asset Protection, The Kroger Co.
Pamela Velose Vice President, Asset Protection, Belk
David Lund, LPC Vice President, Loss Prevention, DICK’S Sporting Goods
Keith White, LPC Executive Vice President, Loss Prevention and Global Sustainability, Gap Inc.
Loss Prevention, LP Magazine, LP Magazine Europe, LPM, and LPM Online are service marks owned by the publishers and their use is restricted. All editorial content is copyrighted. No article may be reproduced by any means without expressed, written permission from the publisher. Reprints or PDF versions of articles are available by contacting the publisher. Statements of fact or opinion are the responsibility of the authors and do not necessarily represent the opinion of the publishers. Advertising in the publication does not imply endorsement by the publishers. The editor reserves the right to accept or reject any article or advertisement.
8
JULY–AUGUST 2019
|
LOSS PREVENTION MAGAZINE 700 Matthews Mint Hill Rd, Ste C Matthews, NC 28105 704-365-5226 office, 704-365-1026 fax MANAGING EDITOR Jack Trlica JackT@LPportal.com EXECUTIVE EDITOR James Lee, LPC JimL@LPportal.com EDITORIAL DIRECTOR Jacque Brittain, LPC JacB@LPportal.com RETAIL TECHNOLOGY EDITOR Tom Meehan, CFI TomM@LPportal.com SENIOR WRITER Garett Seivold GarettS@LPportal.com CONTRIBUTING WRITERS Read Hayes, PhD, CPP Walter Palmer, CFI, CFE Maurizio P. Scrofani, CCSP, LPC Shane G. Sturman, CFI, CPP Bill Turner, LPC David E. Zulawski, CFI, CFE CHIEF OPERATING OFFICER Kevin McMenimen, LPC KevinM@LPportal.com DIRECTOR OF DIGITAL OPERATIONS John Selevitch JohnS@LPportal.com SPECIAL PROJECTS MANAGERS Justin Kemp, LPQ Karen Rondeau DESIGN & PRODUCTION SPARK Publications info@SPARKpublications.com CREATIVE DIRECTOR Larry Preslar ADVERTISING MANAGER Ben Skidmore 972-587-9064 office, 972-692-8138 fax BenS@LPportal.com SUBSCRIPTION SERVICES
NEW OR CHANGE OF ADDRESS LPMsubscription.com or circulation@LPportal.com POSTMASTER Send change of address forms to Loss Prevention Magazine P.O. Box 92558 Long Beach, CA 90809-2558 Loss Prevention aka LP Magazine aka LPM (USPS 000-710) is published bimonthly by Loss Prevention Magazine, Inc., 700 Matthews Mint Hill Rd, Ste C, Matthews, NC 28105. Print subscriptions are available free to qualified loss prevention and associated professionals in the U.S. and Canada at LPMsubscription.com. The publisher reserves the right to determine qualification standards. International print subscriptions are available for $99 per year payable in U.S. funds at circulation@LPportal.com. For questions about subscriptions, contact circulation@LPportal.com or call 888-881-5861. Periodicals postage paid at Matthews, NC, and additional mailing offices.
© 2019 Loss Prevention Magazine, Inc.
LOSSPREVENTIONMEDIA.COM
Connect With Your Crew Let your audience choose their preferred platform to increase awareness and participation. Offer engaging e-learning and communication tools to inspire exploration and growth. Feature built-in feedback applications to obtain their creative input. At LPM Media Group, our mobile and digital solutions move meaningful connections from possibility to reality.
#connectwithyourcrew Digital Magazines
Digital Signage
Mobile Awareness Solutions Custom Animation & Video
Online Learning Management
www.LPMmediagroup.com
RETAIL SPONSORS
10
JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
®
Join these great companies as an LP Magazine corporate sponsor. Email JackT@LPportal.com for more information. 11 LP MAGAZINE
|
JULY–AUGUST 2019
INTERVIEWING by David E. Zulawski, CFI, CFE and Shane G. Sturman, CFI, CPP
Thought and Gesture: Part 3 I
© 2019 Wicklander-Zulawski & Associates, Inc.
n the first two parts of this series on thoughts and gestures, we looked at gestures that occur in combination with spoken words. These gestures are also sometimes called illustrators as they help the speaker add meaning and context to the words spoken. Illustrators or gestures are shaped by the individualized needs of the speaker and may be unique to that person’s communication style. The illustrators or gestures are unconsciously selected by the subject and generally have no meaning on their own but are coordinated with the words to help make the message clear. There are other physical movements people make that are not done to support the actual spoken language. These are pantomimes, emblems, and adaptors.
Pantomimes Pantomimes are intentional, symbolic gestures that mimic action and convey meaning independent of language. Playing an imaginary violin while listening to someone’s sob story is a sarcastic, unsympathetic, nonverbal response to the story. The message is clearly delivered without any actual words being spoken. Pantomimes can also provide a suggestion to the observer. For example, suggesting someone zip up their coat might be done by grabbing an imaginary zipper and drawing it up from the waist to the chin. Pretending to zip one’s mouth closed is asking for or promising silence. Each pantomime is consciously selected by the individual to convey an action without using any words. Much like selecting language to describe an event, a pantomime is consciously selected by the individual to convey a specific meaning to another. It’s important for the investigator to note that pantomimes have their own meaning independent of language and that the subject has consciously selected that pantomime to convey a specific meaning to another. Just like the words selected by the individual to describe an event, they are done consciously and should be evaluated as an insight into the person’s thinking.
Emblems Emblems are learned socially and have a culturally agreed symbolic meaning that can fully take the place of the spoken word. Emblems essentially have a common social meaning within a culture or geographic area, although their meanings can change depending on the country or culture where they are used. Emblems are used intentionally to communicate a message to another. Importantly, emblems take the place of words and should be viewed as part of any sentence of
12
JULY–AUGUST 2019
Zulawski and Sturman are executives in the investigative and training firm of Wicklander-Zulawski & Associates (w-z.com). Zulawski is a senior partner, and Sturman is president. Sturman is also a member of ASIS International’s Retail Loss Prevention Council. They can be reached at 800-222-7789 or via email at dzulawski@w-z.com and ssturman@w-z.com.
|
spoken words in which they are included. Many emblems may be included unconsciously since they are used so often. For example, shaking the head no will almost always be included with a denial, although it may be only a partial movement of the head to the side. In a similar fashion, the shrug of uncertainty will accompany the answer that is not definitive. A number of emblems are actively used around the world, some of which have contrary meanings depending on the culture or geographic location. In the United States, placing one’s finger vertically across the mouth is an indication to be
Emblems essentially have a common social meaning within a culture or geographic area, although their meanings can change depending on the country or culture where they are used. Emblems are used intentionally to communicate a message to another. quiet. Waving the hand palm out and above the shoulder line is an indication of hello or awareness of another’s presence. Cupping the hand behind one’s ear and leaning slightly forward is an indication that the person is having difficulty hearing another. The shrug is generally interpreted as, “I don’t know,” or uncertainty of an answer. If someone is asked how many items they have taken and they shrug before responding, “Five,” this should be interpreted as, “I don’t know. Five?” The offer of five should be more fully explored before it is accepted since the shrug would indicate that they are simply offering an initial estimate that may not have accurately been considered. If an individual was asked whether they broke into the store and they nod yes while saying, “I didn’t do it,” we have a contradictory emblem that negates the denial of participation in the break-in. On the one hand, the physical behavior of the emblem yes is saying, “I did it,” while the words selected have continued on page 14
LOSSPREVENTIONMEDIA.COM
LEVEL UP TRAINING TO ACTIVATE THE TRUTH Convert Your Knowledge Into Skill
THE LINK
THE LINK provides investigators with an opportunity to practice their interviewing skills in a risk-free interactive simulation. Save $100 when purchased with a Level I or II training course. WZ Practical Advanced Workshop
LEVEL II
Redesigned for 2019 this workshop will take your interviewing skills to the next level. Work through case studies and exercises created to better prepare you for your next investigation. WZ Interview & Interrogation Techniques
LEVEL I
Learn a series of technqiues, anchored by the WZ Non-Confrontational Method that allow you to successfully resolve cases and identify the truth.
SELECT YOUR LEVEL AND POWER-UP YOUR INVESTIGATIVE SKILLS LEVEL I – WZ INTERVIEW & INTERROGATION TECHNIQUES
LEVEL II – PRACTICAL ADVANCED WORKSHOP
JULY 10 – 11
MINNEAPOLIS, MN
17 – 18
CHICAGO, IL
19
CHICAGO, IL
24 – 25
BALTIMORE, MD
26
BALTIMORE, MD
31 – 1
SAN ANTONIO, TX
AUGUST 7–8
ATLANTA, GA
14 – 15
PORTLAND, OR
14 – 15
BOSTON, MA
20 – 21
SAN SALVADOR, EL SALVADOR
27 – 28
MEXICO CITY, MEXICO
28 – 29
LITTLE ROCK, AR
9
ATLANTA, GA
16
BOSTON, MA
GET THE TRAINING SKILLS TRUTH REGISTER ONLINE:
W-Z.COM
SEPTEMBER 4–5
CLEVELAND, OH
6
CLEVELAND, OH
11 – 12
LOS ANGELES, CA
13
LOS ANGELES, CA
18 – 19
AUSTIN, TX
20
AUSTIN, TX
24 – 25
MONTERREY, MEXICO
25 – 26
TORONTO, ON
27
TORONTO, ON
WICKLANDER-ZULAWSKI & ASSOCIATES | 800.222.7789 | W-Z.COM
or call:
800.222.7789
continued from page 12
entirely different meaning. An investigator should consider this contradiction as an indication that more questions should be asked to clarify the situation. On the other hand, a shake of the head no when responding to the question, “How was their vacation?” may actually support the language. How was your vacation? The subject shakes their head slowly no in an exaggerated fashion and says, “Oh, man, we had the most amazing time.” Here the exaggerated shake of the head is an indication of the awesomeness of the vacation experience instead of a denial of a good trip. An investigator should consider the use of an emblem as part of the reply made by the subject. The evaluation of the verbal response should include the meaning of the emblem. The investigator should consider whether the emblem complements or contradicts the verbal response made by the individual.
Many investigators incorrectly interpret the subject’s gestures or created jobs as an indication of deception. Adapters should be interpreted as an indication of increased anxiety in the individual or a general discomfort with the situation they find themselves in. Many innocent people will exhibit displays of adapters and manipulation because of the uncertainty of the situation that they face.
Timing
Involuntary Gestures Involuntary gestures seem to be hardwired in the brain and are related to our visceral response to emotions such as anger, disgust, or fear. These gestures, much like the expressions of the face, seem to be linked to the basic human emotions, and their use is unconsciously done. For example, in a fear response, we generally move away from the threat and position the hands and arms in front of our bodies. With anger there is tension in the arms, and the fists will often clench preparing for an attack.
Adapters Adapters are body-focused manipulators not commonly related to the spoken words, although some researchers have suggested they may reveal thoughts the individual is trying to intentionally conceal. Adapters are typically touching
14
JULY–AUGUST 2019
behaviors where the individual touches himself or another object usually resulting from an increase of anxiety as a result of a loss of control of a situation. Adapters also manifest themselves as grooming gestures where the individual twirls their hair, scratches, or fidgets using their fingers. These gestures could also consist of nose scratching, picking the teeth or nostrils, picking lint from clothing, or even manipulating a pen or paper clip. Adapters can also take the form of created jobs, such as lint picking or playing with a pen or tissue. These activities help an individual release excessive energy and address the uneasiness of the situation that has increased their anxiety. The use of adapters also gives the individual an opportunity to avert their eyes to supervise the task. Many investigators incorrectly interpret the subject’s gestures or created jobs as an indication of deception. Adapters should be interpreted as an indication of increased anxiety in the individual or a general discomfort with the situation they find themselves in. Many innocent people will exhibit displays of adapters and manipulation because of the uncertainty of the situation that they face. Often, the use of adapters by the subject will diminish as the individual becomes more comfortable during the interview. If the individual is using the grooming gestures as a means to avoid eye contact with the investigator, the conversation should be extended to determine whether these actions are the result of unease with the situation or a conscious attempt to avoid detection. While these movements can be noted by the investigator, their exact cause can only be assumed and, generally, not known for certain. Many people attempting to conceal information will become unnaturally still, almost locking themselves in place.
|
An investigator should also consider the timing of the movement of any gestures. With illustration of the language, the gestures are closely related to the words in a very natural correlation, looking fluid and relaxed. However, if the movements appear mistimed, jerky, fast, or abrupt, the investigator should extend the interview and ask more questions to determine why the individual has a high level of anxiety. For example, a subject was being questioned about participation in a crime, and when asked, he moved his arm across his chest to adjust the pen in his shirt pocket. Since there was nothing for him to write and no need to adjust the pen, this adapter was a created job coming in response to increased anxiety. This adapter taken with the delayed soft verbal denial gave an indication additional questioning was needed in this area. Movements that occur at moments of high stress should be carefully evaluated. This can be done by later returning to this area of the conversation to determine if the level of stress in this area has been maintained. If the anxiety level is still high, the investigator should ask more questions and continue probing the topic. In our next column we will continue to explore the impact of nonverbal observations and their usefulness in identifying areas of increased anxiety. LOSSPREVENTIONMEDIA.COM
FEATURE
ANALYTICS IS NOT JUST A NUMBERS GAME IN INVESTIGATIONS TALENT, RELATIONSHIPS STILL KEY EVEN AS DATA TAKES CENTER STAGE By Garett Seivold, LPM Senior Writer
ANALYTICS IS NOT JUST A NUMBER’S GAME
T
he extent to which retail investigations have been transformed by analytics is a good reflection of just how quickly things move in a technology age. We’re not so many years removed from when we were introduced to the idea, and now it’s hard to think of managing loss prevention without it. “I really can’t imagine a world of AP without data analytics,” said Nathan Bandaries, a twenty-six-year LP veteran who manages the fight against organized retail crime for Safeway in the Denver area. Abraham Gonzalez, CFI, LPC, fraud mitigation manager at Bloomingdale’s, agreed: “Analytics are starting to consume how you conduct every investigation.” Data analytics act as a force multiplier, providing visibility where actual eyeballs have previously been needed. For example, Gonzalez Abraham Gonzalez noted that pass-off cases, in which an associate slides merchandise to a coconspirator, would typically be difficult without physically witnessing the hand-off, and many other schemes have been just as reliant on someone being at a station to view it. “Now, transaction times, when they begin and end, how many items are cancelled or line voided during the transaction, and noting when it’s outside the normal range—now you have data analytics that let you see it.” LP teams are increasingly getting used to this new way of “seeing” theft and conducting investigations. In interviews with LP leaders, the consensus view was that, as an industry, we are getting better and more comfortable with investigative analytics; data analytics are generating a rising share of cases taken up by AP investigators;
16
education is improving, leading to more savvy professionals; and we’re capturing more data points, which is letting us be more predictive. Analytics have also been key to burnishing LP’s image, transcending the security guard stereotype and providing a platform for LP to better partner with other functions. The relationship with technology vendors is also in a positive cycle, experts believe. For example, video can now yield actionable data with analytics while returning fewer false positives, so retailers are spending less energy and gaining greater trust in the data. And as retailers place greater confidence in the technology, technology companies are willing to invest more in building better, easier-to-use LP tools, which spurs even more trust in, and greater reliance on, analytics. Home Depot is among leading retailers upping their investment in
Analytics have also been key to burnishing LP’s image, transcending the security guard stereotype and providing a platform for LP to better partner with other functions.
JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
analytics to better leverage the power to identify problems, combat theft and organized retail crime (ORC), and identify opportunities to improve the business through more predictive modeling. “On the reactive side, we spend time reverse engineering how one person caused a problem and recreating it to see who else may be engaged in the same activity. Because if one person is using an opening to commit a bad act, Nate Cunningham then chances are that others are too,” explained Nate Cunningham, director of AP forensics at the nation’s largest home improvement retailer. “And we run proactive patterns on data, looking for ways people may be taking advantage. And sometimes you miss, and sometimes you hit, which then allows you to create an ongoing alert for that activity.” A critical part of driving effective investigations through data analytics is, well, data. The more, the better, according to Scott Pethuyne, senior manager for Scott Pethuyne asset protection at Designer Brands. “We’re either doing everything exactly right, or we’re collecting data,” Pethuyne explained during a presentation at the 2019 NRF Protect conference in Anaheim. As Home Depot has undergone some data infrastructure transition in recent months, this has made more data available for data analysts on its AP forensics team—but it’s not a process that retailers “complete,” suggested Cunningham. “We’re always adding new data,” he said. “It’s a never-ending process, especially as new information is collected and
ANALYTICS IS NOT JUST A NUMBER’S GAME
connected and as we come up with new ideas.” Lisa Brock, national director of investigations at Best Buy, made a similar point in her NRF Protect presentation, noting that it’s important to open and tap different data streams to combat theft trends as they emerge. Each Lisa Brock new retail sales idea—such as buy online, pickup in store—brings risk with it, and while it’s often “hard to get analytics around it,” data is critical for devising countermeasures, said Brock. For example, she noted that Best Buy investigators are in a better position to combat porch pirates and other losses in ship-from-store orders because they track data on which stage of the order a package was lost, such as after customer delivery or after packaging but before shipment pick-up. Similarly, she said it’s beneficial to work with human resources to get employee home address data to check against ship-from-store orders for an alert if employees ship orders to themselves. Analytics have enabled Safeway’s AP team to build higher-quality cases, but it’s not the only benefit. “We’re having another positive effect, in that we’re also able to react to cases far faster than previously,” said Bandaries. “Before analytics, you might have had someone getting away with their fraud for a year, but now you’re recognizing it after a couple of times, way faster than in the past.” Data is the difference, highlighting discrepancies as they emerge instead of waiting for word of mouth, a tip, or stumbling across an inconsistency by accident. But even if data is laying the groundwork for investigations these days, it is still people driving the show.
The People Piece While essentially a numbers game, the leveraging of investigative analytics remains a very human endeavor. It requires the marriage between number crunching and the human intelligence that investigators bring to the equation. “When I think of analytics, I think of the partnership between the data analytics staff and the investigative team,” explained Bandaries. “Without that partnership, we wouldn’t be able to do what we do.” Gonzalez similarly stressed the value in strong partnerships, noting that many LP departments hand off information between analysts and investigators, “but a lot can be lost in translation,” he warned. But when
While essentially a numbers game, the leveraging of investigative analytics remains a very human endeavor. It requires the marriage between number crunching and the human intelligence that investigators bring to the equation.
there is partnership, synergy, openness, and alignment—with both teams learning from each other’s skill set and becoming well versed in the other’s function—better investigations are inevitable. “It’s the concept behind quality over quantity. You want that quality in your investigations and not just have data analysts hand you a sheet,” said Gonzalez, who has fifteen years of experience in e-commence and ORC investigations, software implementation, and data analytics. “Here at Bloomingdale’s, it’s okay to have an opinion, to challenge one another, for investigators to challenge data analysts and vice versa.” It can help to have central investigative teams and data analysts work in close proximity, suggested Home Depot’s Cunningham—and, if not physically, then at least through process alignment. “It’s not workable to have groups working in different silos; you need to be in lock step,” he said. “You need a good communication path, to regularly share ideas and concepts, with both sides learning from the other.” It’s also important to enhance the connection between data analysts and business partners to understand loss and shrink trends and changes in risk. “The organization needs to be aware of the importance of keeping AP in the loop of issues that could create exposure,” Cunningham added. Onboarding the right talent to the analytical team that supports AP is also playing a critical role in helping Home Depot get investigative value from analytics. The perfect candidate—a brilliant data scientist with extensive LP experience and expertise—is a “unicorn,” Cunningham said, so they look for skill and adaptability and toss in continuous learning. “We look for that strong statistical background, but we also find people
17 LP MAGAZINE
|
JULY–AUGUST 2019
ANALYTICS IS NOT JUST A NUMBER’S GAME
who show they can be a quick study and then pair them with AP investigators. And that concoction has proved to be a good recipe.” Because of the value data analysts bring, keeping and retaining talent is also a growing challenge facing LP departments. To provide even more data support to investigators, Home Depot has recently added new staff positions in its three AP investigative divisions. “It allows us to take advantage of analytics capabilities that field investigators—running and gunning out in the field—don’t have time to dig into,” said Rory Stallard, senior manager of AP investigations in its western division. The new hires reflect the company’s continued investment in analytics and its drive to be more efficient. “We should be able to work smarter, get results with less effort, connect dots that we may have missed, and accelerate our closure rate,” said Stallard. Data analytics are ingrained into Rory Stallard the AP group at Safeway, a banner within the Albertsons Companies. Most divisions employ a full-time data analyst in the AP department, working forty hours a week, as well as analysts on the corporate team—and they play an outsized role in generating cases. “It produces a large yield for us,” said Bandaries. “We rely on data analysts and analytical tools to conduct investigations; the role of analytics in our AP world is huge.” He described a typical case flow in today’s retail environment. Data analysts are constantly monitoring common presets for excessive voids, for example, as well as creating their own data sets to monitor for normal and abnormal activity. When analysis identifies
18
out-of-range activity, the analytics team digs in, teasing the story out of the data, the plot from the numbers. “That’s when the true analysis and research happens,” said Home Depot’s Cunningham, noting that data analysts play a critical role in identifying whether discrepancies are malicious in nature, present a training opportunity, or if “looking below the surface may unwind a different huge opportunity.” The initiation of an ORC case is typically different than in years’ past, noted LP executives. Some cases are still born from incidents in stores, but it has become more common for investigations to be pushed forward by trends observed in data. Analytics similarly indicate which cases are valuable enough to make it worth investigators’ time to
It’s not only human skill that shapes the value of investigative analytics, it’s also human limitations. A burgeoning area of analytics is built around trying to put information extracted from data analysis into formats that the human mind can more easily make sense of.
JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
go after. But that is not to say the value of in-store intelligence has been lost, noted Cunningham. “We haven’t turned our back on what associates see and tell us; in fact, we’re doing a better job than ever crowdsourcing and getting tips, and then using that to inform our data analysis,” he said. Often, data analysts will access store video or other sources of data to help prove up the case, or perhaps to identify if the anomaly is instead the result of a training issue or a systems snafu, such as a glitch in the point of sale. Whatever the cause, analytics provides the AP team the ability to rapidly identify and remediate causes of loss and inefficiency. “Identifying training issues can be a huge area for us, such as a process that has not been communicated correctly to associates, which Nathan Bandaries they can see through the data,” said Safeway’s Nathan Bandaries. In those cases, the ability to act quickly and correct the training gap prevents loss that typically exceeds even cases of widespread fraud. Although computation extracts the narrative, there is still strong reliance on people looking in the right places. The ability of 1s and 0s to do their job hinges on experience, intuition, creativity, coordination, and relationships, suggested LP leaders. For example, to improve identification of fraud schemes, inefficiencies, or problems that need solving, there must be continuous refinement of data presets and monitors, which is typically reliant on human skill and coordination. “It’s based primarily off the knowledge of the analyst and their partnerships with their fellow
ANALYTICS IS NOT JUST A NUMBER’S GAME
analysts, as well as the understanding of corporate teams to understand trends in other divisions that could carry over into those divisions that are not currently experiencing the issue,” Bandaries said. “Also, analysts will often come up with their own analytics and their own ideas based on their experience, trends, and understanding of history.” Analytic tools are improving, which can remove some of the technical work from investigative equations, but savvy and experience are still required to extract maximum value from data input. Gonzalez, who serves in both the role of data analyst and investigator, described some of the skills and strategies that serve teams well. “You need people who are intrinsically skilled to see outliers, who are disciplined, understand statistical theory, and can put it in context alongside all
the other data,” he said. “And you need to be savvy enough to understand when you have a false lead, and this is where a good feel for the industry and understanding what’s going on in the building helps.” Looking at data from all sides is also important, as Gonzalez highlighted in a recent LP success story. The data seemed to be all positive, with a sales associate ringing up impressive sales numbers on mobile transaction devices—until it was discovered that a significant number of them were fraudulent and made using stolen credit cards. “It’s not something we would have noticed except that we examined nontraditional points of data and were willing to consider what is driving the data even as it’s being celebrated,” said Gonzalez. “You have to look for fraud on both ends of the spectrum and look for outliers on both the negative and
positive side. When you have too much of anything you need to question it.” The interplay between investigators and data analysts often continues all the way to the interview room door, said Bandaries. “There is a bunch of back and forth throughout the process. I know of times when investigators would step out of room as they are ready to go into an investigation and will make one last call to the analysts, to make sure they are on point with their investigation and that they have a thorough understanding of the loss avenue—and analysts support them in that.” Data analysts also fill the role of educator for new investigators, helping them to understand how actions and illicit behavior are observable in the data. As it suggests, the partnership between AP investigative teams and data analysts is more important
?
DID YOU DIG DEEP ENOUGH
19 LP MAGAZINE
|
JULY–AUGUST 2019
ANALYTICS IS NOT JUST A NUMBER’S GAME
than ever to breaking up theft rings and reducing shrink. “The partnership with the analysts is huge. It’s the most important part of our having been able to conduct large successful internal cases, breaking up a prolific external refund fraud operation, and even in smaller cases,” said Bandaries. “Often, analysts put together everything for us so that literally all we need to do is conduct the interview.” Data analysts typically generate cases—identifying data to monitor, focusing on unusual findings, developing information, adding corroborating evidence such as photos or video if available in a case file, and then putting that in an email to AP investigators. “Very rarely do we do some digging and find out that there is not something there or that there is not a case. Most of the time it is dead on,” said Bandaries, while also suggesting that a successful long-term partnership can’t be a one-way street. “One thing we’re always sure to do is to include data analysts in the conclusion of the case, and to say, ‘this was the yield of that case’ and ‘here is what that person admitted to.’ Completing the circle helps give them some ownership. Letting them know how cases turned out is extremely important to us moving forward with future cases.” Designer Brands shared their success story at NRF Protect. To combat a trend in rising shrink at stores, its AP team began to focus on improved data analysis to Adam Gilvin make effective decisions, according to Adam Gilvin, the footwear retailer’s director of asset protection. “Seven or eight years ago you started to hear about big data. Well, we have
20
a lot of data—we’re satisfied with our data—but what do you do with it? Where do you push it?” For answers, AP is centralizing its analytics function and hiring more analysts to build out an elite team that is highly skilled in “data-driven decision making,” said Gilvin. “We were too often making decisions on anecdotal evidence or based solely on experience.” Pethuyne is one of those recent experts hired to kickstart a more analytical AP approach. Already he is finding success in identifying fraud patterns in
For loss prevention, these advances lay the groundwork for increasingly smart pattern detection in retail transactions. Models become more capable over time at identifying previously undetected fraud patterns and better at distinguishing between problematic and legitimate transactions.
JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
online sales, such as whether customer service representatives are sending packages to friends and family. “That has been successful for us, a good case generator,” he said. “We also did the same thing with store associates that might be doing it, and we were getting hits right away. It was a good case generator from minimal work.” Pethuyne noted the importance of working off a robust data platform (in their case, Profitect) that permits easily transitioning between data in different parts of the business. “You want to be able to easily jump from the sales module to data on the back of the house,” he said. “That ability to pivot easily [between data] provides additional value.” A data-driven approach is cutting costs as well as reducing fraud at Designer Brands. For example, data noted a significant overspend by stores on expensive EAS tags, and by using analysis to rank shoe brands by theft risk and targeting price points they wanted to protect, they redesigned their EAS strategy, reduced shrink, and secured significant savings for the company by reducing its spending on tags. “That is where having data really shines,” said Pethuyne. Still, the industry could improve its use of analytics, said industry leaders. For example, several leading LP executives suggested that the industry can do a better job conducting post-case analysis to show the return on investment of ORC investigations. By putting analytics to work on sales data and inventory turns, the financials of ORC rings, shipping data from fence operations, and other sources, LP teams can put a reliable price tag on investigative cases and cite specific harm in victim impact statements. Taking the time to apply analytics in this way can dispel the commonly held idea that there is no good way
ANALYTICS IS NOT JUST A NUMBER’S GAME
to measure the value of an ORC case. Finally, it’s not only human skill that shapes the value of investigative analytics, it’s also human limitations. A burgeoning area of analytics is built around trying to put information extracted from data analysis into formats that the human mind can more easily make sense of. Home Depot’s Nate Cunningham, for example, said his AP data team has focused on tools to provide better data visualization for its field partners, to find creative ways to help them make use of data without overwhelming them. Visual simplification is also a driving force behind the growing use of maps in connection with analytics. “If anyone is not using GIS (geographic information systems) with their LP analytics and business analytics, they’re missing out,” said Scott Peacock, director of analytics and insight for Walmart Global
Investigations in a 2018 interview with LP Magazine. “Adding a geospatial component opens up lots of different avenues that otherwise might Scott Peacock have been missed or misunderstood.” LP collects myriad data describing the time of events and locations. Geospatial analysis uses this data to build maps and other visuals to depict where and how changes are taking place, to anticipate and prepare for future changes, and to make complex relationships understandable. Such geographic profiling can spatially focus an investigation and yield insights that are impossible to see in the data alone. “There absolutely is unique value in seeing things expressed visually. There are often patterns of
things that cannot be understood unless you view them spatially,” explained Lorie Velarde, GIS analyst with the Irvine Police Department in California. Using transactional databases to search inventory and product sales, geospatial analytics allows analysts to visually identify emerging patterns and gain advanced security intelligence. Maps show where ORC activity is occurring and where it’s likely to head next. “We’re able to leverage predictive analytics to identify where and when bad actors are going to hit, and we can then stage targeted surveillance, do some target hardening, or prepare for an apprehension,” explained Peacock.
A Smarter Future Analytics already are at the center of generating cases for investigation, but there is still “a lot of growth potential,” said Bandaries. Safeway, for example, has plans to integrate
The world’s most compact, full performance and customizable EAS antenna uniquely compliments store design, enhancing the customer experience. checkpointsystems.com 21 LP MAGAZINE
|
JULY–AUGUST 2019
ANALYTICS IS NOT JUST A NUMBER’S GAME
Skills Needed by LP Departments, 2019* 70%
62% 50%
40% 30%
35%
33%
29%
29% 16%
10%
5% 0%
Analytical
Cyber Security Investigative
Computer Skills
Leadership
Emotional Intelligence
Interviewing
Other
*For programs to be successful or grow Source: 2019 National Retail Security Survey, National Retail Federation; University of Florida
more video analytics into its investigative processes. Bloomingdale’s is also taking advantage of the “monumental changes” in video analytics that Gonzalez sees. “Who is lingering in what area, putting two things in the bag and ringing up just one—the technology of the cameras and the ability to translate that video information into numbers for analysis is allowing for a much better understanding of what’s happening in our environment,” he explained. Retailers are also pulling in data from facial recognition or other identification solutions. Using such tools can permit ORC investigators to piece together crime events, each one of which could be its own police report, in a more comprehensive way—to fundamentally disrupt an ORC operation rather than make a single arrest. Managing the privacy
22
component of this and other identification technologies will be a test for retailers and could be a near-term drag on adoption, said some LP leaders. The quality of analytic dashboards grows more important, as even more data heads LP’s way. Continuous analytics of all sales reducing activities (SRAs) and related data is inevitable in retail, as it provides a reliable, economical way to fix systemic problems, reduce shrink, and ultimately improve profits. Eventually, all data correlates with future sales figures. Machine learning and artificial intelligence (AI) is also transforming the analytics landscape. Leading global retailers are already leveraging it for a variety of purposes. For example, a mix of accelerated analytics and deep learning is helping retailers with pricing strategies, and retailers are running daily profit-optimization
JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
calculations to know how best to distribute which products to which stores. Online, AI works on customer data to help retailers provide more personalized shopping experiences and to help e-commerce platforms adapt to the needs and interest of online shoppers. AI can also fuel predictive price and forecast simulations to boost revenue by fractions of a percent, which for giant retailers can add up to millions. For loss prevention, these advances lay the groundwork for increasingly smart pattern detection in retail transactions. Models become more capable over time at identifying previously undetected fraud patterns and better at distinguishing between problematic and legitimate transactions. Previously hard-to-identify collusion cases—those spread across large numbers of customers, for example—are drawn into sharp
ANALYTICS IS NOT JUST A NUMBER’S GAME
relief. Investigators become more efficient. Predictive analytics are more easily added to those focused reactively on shrink. Data analysis transforms into a 24/7 function. In this emerging world, a large retailer can compile a list of all its top risks—regulatory compliance, brand protection, and so on—and then turn machines loose to identify when trends start to emerge or behavior changes. A slight anomaly in the cashing of IRS refund checks, for example, could mean a retailer is processing more counterfeits. How will LP fit in this new world order? How is the role of a LP professional likely to change? Retailers at the forefront of this trend shared some of the changes that they expect to result: ■ Greater centralization of analytics ■ A shift toward internal process improvements and internal theft and away from external theft ■ A lowering of criticality, such that increasingly smaller loss events can become targets of prevention ■ More responsive LP countermeasures as retailers identify instances of fraud in real time ■ A reduction in overall LP headcount ■ Greater value assigned to LP practitioners with specialized skills who can wear multiple hats ■ Greater focus on using data to target issues that can be corrected or problems that can be solved with existing personnel resources. One misconception about the future is just how far off it is. Some leading industry experts said that the open source nature of AI problem-solving makes it less labor intensive, less expensive, and easier for retailers to pull off than they probably think. Given the results it can yield, cost for a major retailer isn’t even an issue, some say. And though perhaps fewer in number, people—and the relationships between them—will still play a critical role in an AI future, say industry leaders. Data scientists and criminal behavioral analysts will work side-by-side, with analysts identifying tools they need and software teams taking company data to start building those tools within hours. Loss prevention professionals will have a role in a machine-learning world, said Gonzalez. “People, more than machines, can look at items for the X factor that might escape data’s attention, to see more than what is in front of them, to make inferences from their understanding of the battle,” he said. “You can get very good info from machine learning, truly actionable data, but you need a person to interpret, and to contextualize, and to see a data point that a machine might have missed.” Far from subtracting from the value of LP professionals, increased reliance on analytics and more powerful analytic tools may ultimately enhance it, suggested LP leaders. Data offers LP a clear path to becoming the full business partners we strive to be, they said.
DOUBLE THE POWER 20% MORE COVERAGE LOUD AUDIO
1-800-950-5005 • www.kenwood.com/usa 23
LP MAGAZINE
|
JULY–AUGUST 2019
CASE STUDY
The Impact of Implicit Bias in Professional Investigations
By Mike Bowers, CFI Bowers is vice president of asset protection for Northgate Gonzalez Markets based in Anaheim, California. Before going to Northgate in 2013, he spent thirteen years with Harris Teeter grocery stores in multiple loss prevention roles from single store to director. Early in his career, Bowers held store-level roles with Hannaford Bros., Home Depot, and Lowe’s. He can be reached at mike.bowers@northgatemarkets.com.
K
nowledge of how to apply professional presence is of paramount concern in criminal investigations. The experienced investigator understands the importance of word selection and uses language deliberately and carefully. A jury will view the terminology used in the investigator’s written and spoken testimony as an indicator of the quality and accuracy of the investigation. Keywords relating to the conversation that has taken place and, importantly, references to the person who answered the investigator’s questions will be perceived to represent bias or objectivity. This case study explores how the presence of two sets of words—interview versus interrogate and subject versus suspect—will affect the perception of the public at large and, thereby, a jury. Because unconscious bias is present in society, investigators must observe the importance of their word choices as a critical factor in the establishment of their professional presence.
Words that Maintain a Professional Presence Understanding and applying industry-specific terminology is critical to the construction of professional presence. In the US, the legal process operates as an “adversarial system,” meaning the investigator and the individual on trial have directly opposing and incompatible positions relative to the outcome of criminal conviction. The ultimate objective of an investigator is to find the truth, and thus, the terminology used to describe that process must not be tainted by biased language. Interview versus Interrogation. In the field of investigation, the terms “interview” and “interrogation” are often used interchangeably. Due to negative connotations associated with the latter, conversations that explore the guilt or innocence of the person being questioned must be positioned as “interviews” rather than “interrogations.” The word “interrogate” is associated with coercive techniques as often depicted through dramatic scenes shown in theaters and on television. To exemplify this, one can execute a simple search engine query, independently using the two words in association with a popular movie. One can test this theory by Googling the phrase “Sicario 2 interrogation.” The first page of results showed a plethora of violent terms,
24
JULY–AUGUST 2019
|
including “kill,” “rape,” and “torture,” with the top result linking a movie clip where a villainous subject is questioned by an equally depraved US government operative. The subject’s family members are murdered to compel the subject to reveal information necessary to the conclusion of the investigation. Further, the term “extrajudicial” appears in one comment, imputing interrogation as illegal as judged by the standards of the US legal system.
The ultimate objective of an investigator is to find the truth, and thus, the terminology used to describe that process must not be tainted by biased language. A subsequent Google search of “Sicario 2 interview,” revealed a first page of search results containing photos of smiling actors who were merely being questioned about the movie. The results presented no derogatory terms, with the closest connotation posited as “moral complexity.” As Google seeks to prioritize search results based on relevance and contemporary use, this is a short case study that immediately establishes the importance of careful word selection. As a practical application, imagine an investigator being called to the witness stand to testify on a written report that details an admission of wrongdoing by the individual on trial. The defense attorney asks a couple of easy questions that confirm authorship such as, “Did you write this report?” and “Did you select the words used in this document, or are they part of a standard that you’d use to write about anyone you’ve spoken to?” After receiving confirmation, the attorney begins to try to erode the jury’s confidence in the investigation, inferring that harsh techniques have been employed to obtain an involuntary admission. “When you started talking with Mr. Jones, did you view it as an ‘interrogation,’ or did that come later?
LOSSPREVENTIONMEDIA.COM
“A moment ago, you referred to this as a ‘conversation,’ but your written report shows that you viewed this as an ‘interrogation,’ correct? “I’m just trying to understand what differences you see between a ‘conversation’ and ‘interrogation.’” “What type of techniques do you normally use when ‘interrogating’ someone? Would you ‘interrogate’ someone you believed to be innocent?” The investigator’s problematic diction is evident in this example, and yet there is another critical distinction that can be used against the investigator to assert bias further. Subject versus Suspect. The language the interviewer uses to describe the person being interviewed is of equal importance. The interviewer might present the interviewee as either a “subject” or a “suspect” in case reports and witness testimony. Here again, the latter terminology can be construed as pejorative and must be set aside in favor of “subject” under the auspices of accurately depicting the interviewer as impartial. Using the same technique as before to test the implicit prejudice of these two words, two Google searches were conducted: the first “interview suspect” and the second “interview subject.” Predictably, “interview suspect” returned results containing adverse inferences such as “violence,” “bias,” and “custodial.” Interestingly, the top result also contained the word “interrogation,” linking it to the previously presented term. Whereas the search for “interview suspect” revealed alarming associations, the subsequent search for “interview subject” revealed dramatically different attributes. The first page
W W W. A M P H I O N . B I Z
|
contained terms like “greet,” “clearly,” and “carefully.” The word “thank” appeared fourteen times, and the only photo linked on the page showed someone appearing to laugh. One can easily imagine how unfriendly the witness stand might feel to the investigator who wrote about the “interrogation” of a “suspect.” This experiment further highlights the criticality of word choice in framing the interviewer as having conducted an unbiased review of the legitimate facts in a criminal case. While other aspects of obtaining a fair verdict include the investigator’s ability to submit a circumspect collection of evidence and a technical presentation to a jury, it is clear that an investigator’s terminology has a bearing on the audience. The perception of fairness is critically important as it directs jurors to focus on the most important thing—the evidence itself.
Word Selection as a Professional This case study focused primarily on how the public at large, serving in the capacity of a jury, might attribute an investigator’s rhetoric to underlying motives. However, there is a much broader lesson to be learned. Society judges people by their word choices. The consummate professional seeks to present their case in a manner unconstrained by the taint of partiality attributable to language. One might dress appropriately and work methodically and deliberately, but word selection plays an equally vital role on the impressions made with colleagues, superiors, and even potential employers.
800-520-2677
We Are Amphion We are the leading security integrator specializing in loss prevention and security products and service. Discover the Amphion Advantage with our National Service Program — providing 24/7/365 support within 4 hours!
Contact: Paig Parish, Executive VP Sales & Marketing at Amphion and Owner, Amphion, paig@amphion.biz, 800-520-2677 Industry Leading Key Solutions 25 LP MAGAZINE
|
JULY–AUGUST 2019
CERTIFICATION Interview with Sarah Torrez, CFI, LPC Torrez’s loss prevention career spans twenty-seven years, starting as a part-time store detective with CVS drug stores. She held several LP positions within CVS and later joined Smart & Final as a district loss prevention manager. She then went on to The Limited as a regional LP manager. She is now the director of loss prevention for Aero OpCo LLC where she directs all the loss prevention functions of the Aeropostale and Nautica Brands. Aero OpCo LLC operates over 600 stores throughout the US. Torrez is also a legacy member and is on the advisory council for the Loss Prevention Foundation.
College-Level Education
understand my partners and communicate with them with better understanding of their specific job roles.
Why did you decide to pursue your LPC certification? When you have been in loss prevention for so many years, sometimes you get complacent and think that you know everything you need to know, but that is not the case. Every bit of education helps regardless of how long you have been doing what you have been doing.
If you could offer one key takeaway to someone currently considering getting certified, what would it be? As part of the hiring process, seeing the LPC designation on a resume matters. That, along with your experience, will make you stand out over all others.
Was the coursework what you expected? I absolutely did not expect that it would be so extensive. I thought with my experience I could breeze through it; not so.
How would you compare the foundation certifications to other educational courses that you’ve taken? This is a college-level course with respect to quality and content. It is also important to note that this course was developed by our industry leaders; therefore, it touches on every category that is vital in our loss prevention field.
Talk about the process of going through the coursework and taking the exam. This is where my organization skills kicked in. I really had to prioritize daily study time to be able to keep up with the material. As far as taking the exam, they made it easy. At first, it is intimidating, knowing how many questions there are. But once you start the questions, if you prepared, you can get through it fairly easily.
This is a college-level course with respect to quality and content. It is also important to note that this course was developed by our industry leaders; therefore, it touches on every category that is vital in our loss prevention field.
Looking at your own personal background and knowledge, what information in the course helped you the most? The distribution section of the coursework helped me out tremendously. Having had most of my loss prevention experience within the specialty retail field, I did not have a lot of knowledge within the distribution center area. What was the most eye-opening information that was part of the curriculum? What was most eye-opening was how vast the loss prevention field is. Having gone through the coursework, it reminded me of how we touch every aspect of our company’s bottom line.
How has certification changed your expectations of loss prevention as a career, for yourself and for others? The coursework has challenged me to be better. It has allowed me to gain confidence in what I do on a day-to-day basis. I would have to say that it has made me love what I do more and work hard toward what’s next.
What benefits have you seen from taking the course? The LPC coursework has opened up my eyes to many aspects of my job. It has allowed me to better
26
JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
Would you recommend certification to others? Yes, definitely. I am an advocate of continued education and will always recommend the LPC course since it has the most holistic approach to our field.
Our Success Starts with Our Partners DOCTORATE LEVEL PARTNERS
Newly Certified Follow are individuals who recently earned their certifications.
Recent LPC Recipients Michelle Bannerman, LPC, Shoppers Drug Mart Danielle Bentley, LPC, DICK’S Sporting Goods Michelle Bruneau, LPC, Big Y Foods Davinder Cheema, LPQ LPC, Best Buy Canada Michael Clay, LPC, CVS Health Jada Curtis, LPC, TJX Christopher Dyess, LPC, Claire’s Stores Michael Giblin, LPC, Loss Prevention Research Council Victor Gomes, LPC, MetroPCS Jason Johnstone, LPC, DICK’S Sporting Goods Stephanie Liadis, LPC, Lowe’s Yi Lin, LPC, Loss Prevention Research Council Kevin Marquardson, LPC, Smith’s Food and Drug Conrad Nelson, LPC, Lowe’s Companies Ethan Oppenheim, LPQ LPC, Hollywood Casino Columbus Joel Roberts, LPC, Kum & Go Richard Rodriguez, LPC, Comcast/NBCUniversal Patricia Rose, LPC, Shoppers Drug Mart Donald Ward, II, LPC, DICK’S Sporting Goods James Warmbrod, III, LPC, DICK’S Sporting Goods
MASTER LEVEL PARTNERS
BACHELOR LEVEL PARTNERS
ASSOCIATE LEVEL PARTNERS
Recent LPQ Recipients Miguel Castaneda, LPQ, TJX Michael Crissman, LPQ, The D&D Daily Austin De Tray, LPQ, James Madison University Ryan Emmons, LPQ, Nordstrom Thomas Foster, LPQ, Walmart Stores Lauren Granville, LPQ, University of Indianapolis Charles Houghton, LPQ, CKE Restaurants Angelique ONeal, LPQ, University of Indianapolis Kamren Powell, LPQ, Mississippi College Andrew Rich, LPQ, Tiffany & Co. Joshua Starner, LPQ, The Wireless Experience Joseph Tabaniag, LPQ, 7-Eleven Michelle Wen, LPQ, Bloomingdales
inc.
Professional development is key to a fulfilling career. Visit www.LossPreventionFoundation.org to find out more.
20% Off the LPQ or LPC Course. Use discount code LPMAG20 by August 31, 2019.
SM
Educating an industry, one leader at a time. 27 LP MAGAZINE
|
JULY–AUGUST 2019
LPM EXCELLENCE The LPM “Magpie” Awards offer a means to celebrate industry accomplishments on an ongoing basis, recognizing the loss prevention professionals, teams, solution providers, law enforcement partners, and others that demonstrate a stellar contribution to the profession. The ability to influence change is a product of drive, creativity, and determination, but it also requires a unique ability to create a shared vision that others will understand, respect, support, and pursue. Each of the following recipients reflects that standard of excellence, representing the quality and spirit of leadership that makes a difference in our lives, our people, and our programs. Please join us in celebrating the accomplishments of our latest honorees.
LPM Magpie Awards: Applauding Excellence Excellence in Leadership
Excellence in Leadership
Kathleen Smith, Vice President of Asset Protection, Safeway
Bill Titus, Senior Vice President of Loss Prevention, Sears Holdings (Retired)
“I believe a true leader must be honest and have integrity,” said Smith. “We should always do what’s right—even when no one is looking. We must be thoughtful, have courage, and take the time to really listen to the team. Having the ability to identify an individual’s strengths, focus on those strengths, and then show the courage to empower them to reach their goals is a cornerstone of leadership.” This was a lesson that Smith learned firsthand. After transitioning from law enforcement to the private sector and working her way up the career ladder, she believes that earning and holding that level of perspective is extremely important. “I’ve held every position in the asset protection department for our company and in multiple divisions, from investigator to my current role,” she said. “This has given me a broader and better perspective of the many issues facing the team. It helps me fight and support their battles at the corporate level—and hopefully helps make their jobs easier.” Smith has twice been named among the “Top 100 Women Executives in the Grocery Industry,” an honor traditionally awarded to executives from the business or marketing side of the business. But when referring to the award, she speaks beyond the personal accolades. “Recognizing the value of asset protection to the industry as a whole validated, for me, that our efforts to be accepted as true contributors and having a ‘seat at the table’ are being acknowledged.” Smith also emphasized the need for young leaders to diversify their knowledge base. “Never stop learning or growing,” she said. “Our industry is continually changing, and we need to be open to change ourselves. Don’t get stuck in a rut. Treat others fairly and with dignity, have the courage to try something new, and have the willingness to admit when you’re wrong.”
“I accidentally started my career in retail as a controller with Montgomery Ward when the job market was difficult—a role I saw as temporary until the employment market improved,” said Titus. “Yet forty-five years later, I was still in retail. As it turned out, there wasn’t a moment that I didn’t enjoy what I was doing. The same dynamics, individual growth, learning, and pace challenged me at each level and motivated me to excel.” Titus feels that the opportunity to work with smart, dedicated individuals and “having a small part in helping their growth” are among his greatest accomplishments in loss prevention. “To be successful, you need to be a thought leader, a great developer of people, have the fortitude and resilience to influence outcomes, be a great listener, have the confidence in your team to allow them to influence the organization’s direction, and then lead that change,” he said. “It brings great satisfaction as I look back over my career to see those I had the opportunity to work with now taking their place as leaders in the industry.” He believes that the path to long-term success starts with being a great learner. “Take the steps to understand the business that you’re in and how your function and your input can impact the organization as a whole,” he said. “It’s not about winning your point but understanding how this leads to the best possible outcome for the company. Also, don’t be afraid to zig-zag along your career path. This helps build your knowledge base and improves your overall value to both your company and the industry. Development happens at all levels. While self-improvement is essential, make sure you’re involved with your team’s growth, the growth and awareness of your partners within the company and others throughout the industry when the opportunity arises.”
Nominate Your Peers at Excellence@LPportal.com 28
JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
INTERVIEW
LEARNINGS IN THE
QUICK-SERVICE RESTAURANT SEGMENT By James Lee, LPC, LPM Executive Editor
LP MAGAZINE
|
JULY–AUGUST 2019
29
LEARNINGS IN THE QUICK-SERVICE RESTAURANT SEGMENT
O
ver the years, LP Magazine has interviewed a number of executives in the casual and quick-service restaurant industry as well as published contributed articles from practitioners in that segment. In conjunction with the 40th annual conference of the Restaurant Loss Prevention & Security Association (RLPSA) August 4–7 in Nashville, we look back at some of the past articles and provide excerpts here. The full articles can be found on the magazine website at LossPreventionMedia.com.
leadership came from restaurants, so we embrace that. “Also, when we want to test and try something new, whatever that might be—a menu item, a piece of equipment, a design in a restaurant—our company-owned restaurants provide a good location….” “Serving and supporting the company-owned and franchise-owned restaurants are both very important.
McDonald’s is not in the security business, we’re in the hamburger business. Therefore, we need to be good students of the business and be seen as true business professionals first, subjectmatter experts second. If we apply this approach, it shouldn’t matter the number of restaurants. It’s really about being smart and leveraging your resources that achieve the best results.
professionals first, subject-matter experts second. If we apply this approach, it shouldn’t matter the number of restaurants. It’s really about being smart and leveraging your resources that achieve the best results….” “For any issue, we have a two-pronged approach—proactive and reactive. From a proactive standpoint, it’s all about education, training, and awareness. Sustaining the security and protection of our employees and customers is the number one goal, so we focus on educating our managers on safety practices, crime prevention, and food and inventory standards. We want our training programs to be there to minimize any issues we can before they happen. “Then the other prong is reacting to situations that may arise, whether a crime, accident, or a situation that could impact our customers. We get a lot of attention. It’s one of the wonderful things that come with being one of the most recognized brands in the world. But a lot of the focus on us is just a simple result of being deep in the community.”
McDonald’s USA Rob Holm, Senior Director of Safety and Security for US Operations Excerpts from “From Corporate Security to Restaurant Loss Prevention and Safety” July–August 2016 “We have approximately 36,000 restaurants worldwide and serve more than 67 million people a day. Within the United States, we have approximately 14,000 restaurants serving more than 25 million people a day….” “We believe that our company-owned restaurants serve a valuable purpose, and it’s really about the people. We put people through our restaurants. We train them. We develop them. We want them to mature. We want them to grow. We want them to be successful. In fact, about half our
30
Almost my entire team is located in the field, which provides them a very good opportunity to understand the local business needs and issues. By aligning our objectives with regional leadership’s goals helps guide us on our priorities….” “Having a lean organization is a matter of perspective. I have a different point of view. It is not the size of my organization I focus on, it’s really about the value my organization brings to the company and to our stakeholders. McDonald’s is not in the security business, we’re in the hamburger business. Therefore, we need to be good students of the business and be seen as true business JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
Dunkin’ Brands David Johnston, Senior Director of Loss Prevention and Corporate Security Excerpts from “From Retail LP to Solution Provider to Restaurant Brand Protection” July–August 2017
LEARNINGS IN THE QUICK-SERVICE RESTAURANT SEGMENT
Our core initiatives are focused on educating the independent franchise business owners on the importance of incorporating the concepts of loss prevention into their business. We educate them on understanding how losses affect sales, unit economics, and overall profitability. We show them systems, reports, and metrics that we think can help them better understand their business.
“Dunkin’ Brands is the worldwide franchisor of two of the world’s most-recognized and beloved brands—Dunkin’ Donuts, which started in 1950 in Quincy, Massachusetts, and Baskin Robbins, which started in 1945 in Glendale, California. What I like best about our brands is that although they began on opposite coasts, everyone is passionate about our brands and they evoke powerful memories. Everyone has a story about the first time they enjoyed Dunkin’ donuts or Baskin Robbins ice cream. It makes working for our brands fun. “Today there are more than 20,000 Dunkin’ Donuts and Baskin Robbins locations across more than sixty countries. We’re 100 percent franchised in the United States; we have no company-owned locations. We are also unlike many other franchised companies in that we don’t own our supply chain….” “As a franchisor, we do not direct, develop specific programs, or require certain measures of our franchisees. We recommend practices and common elements of an LP program,
but specifically developing a program is up to each independent franchisee. That doesn’t mean the LP team doesn’t engage with our franchisees, because we certainly do. We just engage more from a consultative and business approach. “Our core initiatives are focused on educating the independent franchise business owners on the importance of incorporating the concepts of loss prevention into their business. We educate them on understanding how losses affect sales, unit economics, and overall profitability. We show them systems, reports, and metrics that we think can help them better understand their business, and they then are positioned to take their own actions to reduce loss….” “Our team is fully engaged in various aspects of our business, which is a testament to the people on the team and our ability to build relationships with other departments. “The LP team focuses their time on our franchisee initiatives, understanding that the more profitable our franchisees are, the better it is for us as the franchisor. We also are responsible for investigating certain violations of our franchise agreements, including intentional underreporting of sales. We look for loss prevention managers who are business savvy, can understand financial documents, and can lead a sophisticated investigation. The team also has a role in investigating potential fraud regarding our e-commerce. “On the corporate security side, our biggest responsibility is Dunkin’ Brands’ roughly 1,100 employees; especially the safety and security of all employees while traveling to any of our locations across sixty plus countries around the globe. Whether it is a member of leadership traveling to an area or an international business manager in-country, our employees are our brand, and we want to keep them safe.”
CKE Restaurants Holdings Paul Jones, LPC, Director of Asset Protection and Risk Management Excerpts from “Reflecting on the Evolution of Retail Security” July–August 2018 “CKE Restaurants Holdings, Inc. owns two brands in the quick-service restaurant (QSR) industry, Carl’s Jr. and Hardee’s. We are headquartered in Franklin, Tennessee, just outside Nashville with more than 3,900 restaurant locations in forty-two states and in twenty-eight countries….” “I can say ten to fifteen years ago, we were all about driving numbers, hoping shrink would come along with it. Sometimes we had data, but most often we were going on instinct. As technology evolved and we had exception reporting, we learned how to use data to start driving decisions. In fact, what I saw in my career is that we in loss prevention did it better than the operators. We took the time to make sure that data drove decisions, and then we developed the solutions around what the data told us. We developed programs, built training, and awareness behind that, and then we saw our shrink get fixed. “When you take that approach to allow data to drive the decisions, and you make the investment in getting the right people who are very smart, you’ll have a great solution. I hope to
31 LP MAGAZINE
|
JULY–AUGUST 2019
LEARNINGS IN THE QUICK-SERVICE RESTAURANT SEGMENT
Today as we move to a total cost of loss strategy, I think it helps us build a better return on investment. I believe most LP practitioners have always taken into consideration what the total cost of loss is, but now there is framing around it that creates a more powerful message to speak to the corporate business leaders.
get people sitting around me that are smarter than I am and very diverse in their thinking. I’ve seen a number of times in our industry where retailers make an easy decision to put an operator to run a loss prevention organization. More often than not, it hasn’t worked out so well. It reminds me that an LP executive brings a unique discipline to the table with the understanding of how to put together what the data tells you with how to build a program and pull the levers to make sure that you are driving your shrink down, at the same time impacting your sales in a positive way and keeping people safe. “Loss prevention professionals really are great leaders who add more and more value to their companies. If you look back to the aftermath of 9/11, most of us took on crisis management roles. As the world changed, we had to learn what to do about workplace violence and organized retail crime. Now we’re managing programs for active shooter. Some are starting to take on data-security roles and looking at cyber crime. And now risk management.
32
“Today as we move to a total cost of loss strategy, I think it helps us build a better return on investment. I believe most LP practitioners have always taken into consideration what the total cost of loss is, but now there is framing around it that creates a more powerful message to speak to the corporate business leaders.”
CKE Restaurants Holdings Anne Sullivan, Vice President of Asset Protection and Safety Excerpts from “Operational Standards Support” July–August 2015 “Probably the biggest differences between traditional retail and quick-service restaurant are how loss is audited and controlled and how the company views the return on investment for loss prevention. In the retail world you have quarterly, twice-yearly, or yearly inventories. You get hard numbers back, and you are held accountable to that. But when I switched over to QSR, there wasn’t a true metric or standard in place that I could see to really know what the starting point of loss was and what the tier percentage of loss was….” “The other difference was since I came from mall-based retail, I didn’t really have much exposure to robberies. I believe I only had four in my career prior to CKE. Now, with QSR it is a big JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
focus based on the fact that the stores are open 24/7, there is easy freeway access, as well as other factors. The safety issues in QSR are far different than in retail, because we deal every day with being open 24 hours a day and the activity that attracts. There are just so many opportunities that the QSR industry is vulnerable to….” “When you review the video after a robbery, probably 70 percent of robberies are triggered by opportunity. The robber comes in, they take a look around and assess the opportunity, they look in the cash drawer when it’s opened, and then they rob the store. So taking away as many opportunities as possible is key. “We train our employees to control the cash levels in drawers. We have to be careful about how we transfer our
With QSR, robbery is a big focus based on the fact that the stores are open 24/7, there is easy freeway access, as well as other factors. The safety issues in QSR are far different than in retail, because we deal every day with being open 24 hours a day and the activity that attracts. There are just so many opportunities that the QSR industry is vulnerable to.
money. We implemented smart safes, which absolutely had a significant impact on robberies and cash control. Another big thing that we implemented is eliminating back-door openings during night time hours. We took our back-door alarms and set them to activate silent alarms between
LEARNINGS IN THE QUICK-SERVICE RESTAURANT SEGMENT
dusk and dawn, so if the back door is opened at night, my security center gets an alarm. They can check to see why it was opened, and we can then coach in the moment. The store will be called immediately and told to shut the back door. An email will go out to leadership noting the violation. Since we implemented this last year, we only had one back-door robbery, which was a significant decrease. We have also decreased our internal involvement robberies, and we created a safer environment for our employees by training and holding them to a standard. “One other thing we focus on in the field is not only delivering training and prevention, but also training them on how to handle a situation if it occurs. We never want them to engage the robber. We want them to give the robber the money. We want to ensure that people don’t get hurt, but we also want to ensure that we’re there for our employees if it does happen.”
Papa John’s International David Rydeen, National Director of Safety and Security Excerpts from “Better Security. Better Safety. Papa John’s.” July–August 2007 “We deliver pizzas, so one of the most common incidents we deal with
is automobile accidents. We are also a cash business, so the next biggest issue is delivery-driver robberies. When we have an incident, part of my job is to question what we could have done differently to prevent that incident from occurring….” “Our franchisees are organizations that have their own resources. I don’t typically get involved in investigations on the franchise side. What I do is present them with information about how we do it or provide them with solutions that we have used or vendors that we have used in the past. It’s up to them to decide whether or not to use our suggestions or whether they go out on their own and seek their own vendors or solutions. “Over time we have developed a standard security package, including clear policies, that we ‘install’ in every restaurant. A local owner would, therefore, know what type of approach to take for a specific issue at a specific site. It might involve doing more or
They have a great shopping experience.
You have greater peace of mind with a solution that secures your profits and property. Bosch empowers you to build a safer and more secure world with solutions that enhance safety, reduce shrink, and help you improve merchandising, operations and customer service. Bosch integrated security and communications solutions enrich the customer experience and deliver valuable data to help you increase your profitability. Learn more at http://bit.ly/BoschSolutionsforRetail
33 LP MAGAZINE
|
JULY–AUGUST 2019
LEARNINGS IN THE QUICK-SERVICE RESTAURANT SEGMENT
less, depending on the situation. I spend a lot of time developing those system guidelines….” “There are a lot of ways to measure performance in a restaurant—customer service, customer complaints, sales, profitability, et cetera. We have a database covering all of our stores that tracks their effectiveness. We’ve also added audit functionality that allows us to look at orders coming in and going out and to spot abnormalities, such as deep discounts, overrides, and zeroed outs. So, we look at the best-to-the-worst restaurants in terms of specific measurements. “Then there are store visits. As you park your car in a restaurant parking lot and walk toward the restaurant, you learn a lot about that restaurant because you can see if the parking lot is clean, if the window ledges are clean, if the doors are clean. You know if someone takes pride in what they do and whether they’re running a business or just collecting a paycheck….” “We have a restaurant disaster recovery plan that’s specific to each restaurant in each region. We also work closely with our public
As you park your car in a restaurant parking lot and walk toward the restaurant, you learn a lot about that restaurant because you can see if the parking lot is clean, if the window ledges are clean, if the doors are clean. You know if someone takes pride in what they do and whether they’re running a business or just collecting a paycheck.
34
relations department to set up communication processes for our franchisees. We learned a lot from Hurricane Katrina. We purchased satellite telephones so we now have the capability to communicate if we have another disaster. I also manage the corporate-wide disaster recovery program for our headquarters operations at the corporate campus. “The key to disaster recovery and crisis management is having a plan, working the plan, and communicate, communicate, communicate. After Katrina, we were literally doing conference calls every 24 hours. Sometimes, we did not have much new information to communicate, but the point was that we were communicating every 24 hours.”
Wendy’s International Chris Manning, Director of Loss Prevention and National Security Excerpts from “The 99 Cents Chili Crisis” January–February 2008 With millions of customers visiting restaurants and other retail establishments daily, the potential for a crisis is almost always present. A typical crisis is caused by a human accident or an act of nature. Less often, companies can be victims of workplace violence. And unfortunately, companies also can be victims of fraud. Such was the case in March of 2005 when police were called to a San JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
Jose, California, Wendy’s restaurant to investigate a woman’s allegation that she had found a partial human finger in a bowl of chili. Over the next days and weeks, a hoax perpetrated against Wendy’s became national news, coffee-break conversation, and fodder for late-night comedians. However, the snowball effect of the crisis was no laughing matter for Wendy’s, ultimately resulting in substantial losses for the company and its franchisees. The potential effect of any crisis can be devastating in terms of employee and customer safety, brand integrity, and financial earnings. Thus, it behooves corporations to be diligent in crisis preparation in order to minimize potential losses and facilitate normal business operations as quickly as possible…. The chili incident at Wendy’s is a compelling case study and provides a number of key learnings for loss prevention and crisis management professionals. ■ The first 24 hours are critical because the early stages of a crisis shape the proper response. As such, crisis plans should include an early warning system that alerts the entire crisis team within minutes, if possible, of an incident. This will allow seasoned crisis team members to be on the scene within those critical first 24 hours. ■ Do not assume that a crisis can be contained locally. Given today’s technology and rapid communications, assume that word and pictures of an incident may be available worldwide within hours. The crisis team response should be set in motion as quickly as possible before media coverage picks up. ■ Try to maintain all items that could help resolve the case. In Wendy’s case, the employees discarded some of the chili involved. Make sure employees at all levels are aware of what to do when an incident occurs. If the incident involves food contamination like this one, detail
■
■
■
■
■
■
■
■
■
■
■
ACCESS
ANYTIME. ANYWHERE.
with
■
CONTROL
specific procedures and communicate those procedures to the employees involved during the first few hours. Company and franchise employees should know to immediately involve the corporation on any incident rather than attempt to handle it by themselves. Contact all relevant local, state, and federal agencies immediately to let them know you want to cooperate and find out the truth. Offer any assistance necessary to aid in their response or investigation. Be sure to get key names and contact information for communicating with the proper person at each agency. Understand the proper chain of command when dealing with local authorities. In this case, four different local agencies were involved: the San Jose city police department and the Santa Clara county sheriff’s department, health department, and medical examiner’s office. Make sure you hire the right resources to help you in a crisis. If possible keep an investigative or crisis response group on retainer for crisis events or at least maintain an up-to-date list of resources that you know are reliable and available when needed. Be aggressive in your information gathering. It is critical to stay abreast of anything and everything happening that is related to the event. Resist the pressure to release information or make a statement until you are sure of the facts. Understand that whatever statement or information released will impact your brand, especially if the information later proves false or incomplete. The crisis team should meet daily (or more often if needed) to review the facts as they are known that day. This can be somewhat painful if no new information is available, but constant team communication is critical. Make all decisions based on integrity and core values. In this case, Wendy’s followed founder Dave Thomas’ philosophy: “Do the right thing.” At all times act the way you want to be remembered, because you will be. Do not provide senior management or stakeholders with a resolution timeline unless you can be absolutely sure you can achieve it. Committing to a resolution and then missing it will only undermine the crisis team and further frustrate management. Prioritize and follow up on all leads. In Wendy’s case, there were a number of calls from people who had lost fingers from accidents, including a number of exotic animal owners. While most of the leads will likely not amount to anything useful, you won’t know until you investigate. Don’t let disappointment take you off focus. Be prepared to deal with an onslaught of claims that may overwhelm you. Calls should be answered 24 hours a day, 7 days a week. Prepare and communicate updates internally to employees and franchisees often and consistently. Even if you have
open EDGE CG
with InstaKey® User-Rekeyable SFIC Override PCI Compliant, WiFi Remote Access Control for: IT Closets • Cash Offices • Pharmacies • Remote Storage • Overnight Delivery Doors • +More
LEARN MORE:
info.instakey.com/remotelock-lpm 1-800-316-5397 | sales@instakey.com
continued on page 36
35 LP MAGAZINE
|
JULY–AUGUST 2019
PARTNERING WITH RETAILERS continued from page 35
■
■
■
little new to report, let everyone concerned know so that people are not left guessing. You cannot over-communicate internally. Coordinate as closely as possible with law enforcement and other agencies involved, especially when it comes to public statements. This will help you avoid misstatements as well as misunderstandings that could jeopardize your working relationship. Review and update your crisis plan regularly, at least once a year. All team members should understand their role thoroughly, especially the communications procedures. Be aggressive in your response. Don’t sit back for things to happen. If the police department or other agencies are not investigating aggressively, consider using your own or hiring private investigators. Third-party investigators can help defray insinuations that the police are working too closely with the corporation.
The potential effect of any crisis can be devastating in terms of employee and customer safety, brand integrity, and financial earnings. Thus, it behooves corporations to be diligent in crisis preparation in order to minimize potential losses and facilitate normal business operations as quickly as possible.
■
■
■
■
■
Consider using a reward for information to expedite the resolution. However, be sure to coordinate this with all agencies
to make sure everyone is in agreement that an offer of a reward is appropriate. Use quick “trace back” analysis. In Wendy’s case, the quality assurance team was quickly able to eliminate the probability that the finger came from an internal source. Coordinate third-party specimen analysis with local authorities. Many authorities may be unfamiliar with handling and testing specific types of evidence, which was the case in this incident. Generating publicity in key markets surrounding the investigation can help stimulate leads. Talk to local media to keep the story alive and focused on the truth. Work to resolve the crisis as quickly as possible in order to recovery your business as quickly as possible. A smaller company may have gone out of business. Remember that a crisis can hurt not only the employees affected locally, but also the shareholders and other stakeholders of the company.
Pusher The SONR™ Pusher is a flexible and open security system integrated into new or existing product pushers that notify store associates of activity at the shelf and store level. Retailers can scale the SONR™ Pusher to adhere to their needs, from a singular facing to a complete shelf. It works with the SONR™ Echo Box to relay alerts across the store. Find out how SONR Pusher can protect your merchandise and increase sales!
SONR™ Pusher is wireless, and can be easily installed to protect as many or as few products as needed. 36
Call us at 800.422.2547 or visit www.siffron.com
JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
Pick a Career Not Just a Job! Enter the exciting industry of Loss Prevention and Asset Protection ahead of the competition with LP Certification. SM
LPQUALIFIED
LPCERTIFIED
Designed to provide benchmark loss prevention education for:
Designed to provide advanced loss prevention education for experienced LP professionals with three years’ experience or more:
n n n n n
Loss prevention managers College students Store managers Operations support roles Anyone interested in a career in loss prevention
COURSE CONTENT Course 1: The Retail Environment Course 2: Becoming a Successful Business Person Course 3: Loss Prevention Basics and Tools
n n
Loss prevention management Loss prevention executives
COURSE CONTENT Course 1: Leadership Principles Course 2: Business Principles Course 3: Loss Prevention Operations Course 4: Safety and Risk Management Course 5: Crisis Management Course 6: Supply Chain Security
U discounsteco LPMAG20 fode r
2TH0% OFF
E LPQ LPC COUROSRE throu August 31g, h20 19
Commit to your future TODAY!
www.losspreventionfoundation.org
SUPPLY CHAIN
Top Global Supply Chain Themes for 2019
F
ive major themes that are most likely to impact the supply chain in 2019 are delineated in a new report from BSI in the UK. The analysis of how these five themes will affect supply chains forms the business improvement company’s annual analysis of global supply chain risks. The five themes identified include: 1. Revision of the minimum security criteria under the US Border Protection’s Customs-Trade Partnership Against Terrorism (CTPAT). 2. Supply chain growth in Africa increasing exposure to varying risks. 3. Ongoing mass migration posing both security and corporate social responsibility risks. 4. Dramatic shifts in geopolitics creating uncertainty in supply chain operations. 5. The continued threat to supply chains posed by cyber-security issues. Several key trends in supply chain risk from 2018 were also identified in the report: ■ Food and beverage remained the top commodity stolen. ■ Metal has now entered the top five commodities stolen worldwide. ■ Poor working conditions led as the top labor violation recorded last year. ■ Labor strikes most frequently disrupted manufacturing operations. Jim Yarbrough, global intelligence program manager at BSI, said, “We’re seeing key shifts to global supply chains this year, driven by quite dramatic changes in the geopolitical landscape. The concern is that as supply chains change—with Chinese companies moving operations to Africa, for example, or the US sourcing goods from other Southeast Asian nations—major implications Jim Yarbrough will also evolve.” He added, “Increased exposure to labor exploitation, terrorism, corruption, and natural disasters must be a consideration for companies making changes to their supply chain, and best practices must be maintained in order to prevent threats to business continuity or corporate social responsibility.” The report provides analysis of each of these top supply chain themes to help organizations increase their understanding of potential exposures. A sample of the analysis follows.
CTPAT Minimum Security Criteria Within the United States, companies enjoying trade benefits under CTPAT will soon need to meet new criteria for certification in order to meet the evolving risks of today’s operational environment. As the revised criteria for CTPAT are unveiled,
38
JULY–AUGUST 2019
|
companies will need to undertake new efforts to achieve supply chain security and mitigate emerging risks. In an article on the changes posted on the magazine website, Tony Pelli, supply chain risk consultant with BSI, said, “Management commitment to supply chain security is one of the major areas where the criteria are changing. Member companies are now required to have a documented security review policy to help ensure that they are maintaining supply chain security at all times. This will require oversight from a dedicated point of contact for supply chain security issues, with support from logistics, supply chain, procurement, and IT teams. Members are also required to assess where risks exist in their supply chains on an annual basis or as risks change, another task that will require management review and commitment.” Pelli added that the new security criteria will also include changes to the physical security measures that members and suppliers are required to implement. Tony Pelli
Exposure to Varying Risks in Africa BSI’s report reveals the potential for increasing movement of supply chains to Africa, particularly among companies based in China spurred on by the US-China trade dispute. Shifting manufacturing operations to Africa, where labor costs are lower and shipping to the US and Europe is cheaper, can be cost-effective compared to staying in China. However, the report warns that the relatively unchecked risk of terrorism in African countries, where 23 percent of all supply chain terror incidents take place, sets the operational environment apart from that of Asia. Companies whose supply chain moves to Africa must be wary of this increased risk, often compounded by corruption among security and customs personnel.
Migration Continues to Pose a Risk As conflict together with political and economic conditions continue to drive mass migration, businesses must contend with the double-edged challenge of security and corporate social responsibility risks. This year’s report records an increase in stowaway and labor exploitation risks stemming from migrants traveling along three major flows—Central to North America, Intra Southeast Asia, and Africa and the Middle East to Europe. BSI has also noted regression in countries such as Brazil where budget cuts are reducing the resources available to carry out inspections that could increase the risk of migrant labor exploitation.
LOSSPREVENTIONMEDIA.COM
Approximately half (48%) of all corporate social responsibility (CSR) incidents recorded by BSI in the last year involved migrants. The often desperate need for income to support their family leads many vulnerable individuals into labor exploitation. This issue will likely remain key for supply chains in 2019, and companies must invest in a more thorough understanding of their supply chain to truly assess the risk of migrant laborer exploitation.
Dramatic Policy Shifts Recent political shifts in Brazil, Mexico, the UK, India, and the US are setting the stage for an eventful 2019. Newly elected leadership in Brazil and Mexico are attempting to chart a new course in Latin America. President Bolsonaro in Brazil has swiftly undertaken efforts that may pose corporate social responsibility risks for some industries operating in Brazil, particularly in relation to the rights of workers, the LGBTQ community, and indigenous territories. The report recommends companies take a more active due diligence role on business partners in Brazil, to fill gaps left by the government’s removal of some regulatory requirements. Mexico’s president is undertaking new initiatives to curtail corruption that has historically underwritten organized crime, cargo theft, and oil theft in the country. The ramifications of such initiatives may have sweeping consequences for business continuity and cargo security, but despite President Obrador’s actions, security challenges will continue to affect businesses in the coming year, in particular in-transit cargo theft. The US-China trade dispute has raised new concerns related to intellectual property protections and the relocation of relevant facilities for a host of businesses. However, companies looking to other Southeast Asian countries should weigh the costs of tariffs against the cost of increased risks to their supply chains. Exposure to child labor, forced labor, and natural disasters are each prevalent in other Southeast Asian countries. The outcome of negotiations on Brexit remains unclear, creating ripples of uncertainty through supply chains operating within and through the United Kingdom and the European Union. India’s ongoing elections in April and May could create a shift in politics with effects on global supply chains. Workers’ dislike of many recent policies, with strikes over low wages and fuel prices, could cause immediate disruption and longer-term changes.
Cyber Security Within this new global landscape, cyber security stands as an overarching and multifaceted struggle for all parties throughout the supply chain. Securing data and facilities in a fast-paced, connected world is a challenge that supply chain professionals will continue to grapple with in 2019.
For More Information More information on the subject and a link to download a copy of BSI’s Supply Chain Risk Insights Report are on the magazine website. Click on the supply chain security link under the Topics tab at LossPreventionMedia.com.
39 LP MAGAZINE
|
JULY–AUGUST 2019
PRESENTING SPONSOR
RETAIL COUNCIL OF CANADA
SECURE
2019
Racial Profiling traininG Criminal Code of Canada
Loss Prevention Strategies Implicit Bias
Inventory Control Active Shooter training Bomb Threats Business Continuity Planning
ARE YOU
Active Violent Situations COVERED? Police Response times Technology and Automation Shrink Management
RE-EVALUATE ALL OF YOUR STRATEGIES AT CANADA’S LOSS PREVENTION CONFERENCE FOR RETAILERS.
Social Media Investigations Data Breach Facial Recognition Artificial Intelligence Privacy RCCLPCONFERENCE.CA Racial Profiling traininG Criminal Code of Canada
Loss Prevention Strategies Implicit Bias Special Early Bird pricing ends on August 28th
Inventory Control Active Shooter training Bomb Threats Business Continuity Planning September 24,Violent 2019 Situations ShrinkInternational Management Active Centre, Mississauga, Ontario,
Police Response times Canada Technology and Automation
Social Media Investigations Data Breach #RCCSECURE19 Facial Recognition Artificial Intelligence Privacy FOLLOW US ON SOCIAL MEDIA:
PRESENTING SPONSOR
FEATURE
UNRAVELING THE MYSTERY OF
THE DARK WEB
A TOOL TO DISCOVER POTENTIAL THREATS TO RETAIL BRANDS By Tom Meehan, CFI, LPM Retail Technology Editor
UNRAVELING THE MYSTERY OF THE DARK WEB
T
he dark web burst into public awareness in 2013 when the FBI shut down Silk Road, an online black market, and arrested its founder, Ross Ulbricht. The FBI found him through an elaborate sting operation involving an undercover law enforcement agent posing as a drug dealer on the dark web. Through this undercover operation, the FBI was able to find and locate a Silk Road administrator, who gave them access to information about Ulbricht’s Bitcoin account. When Ulbricht discovered the administrator had been arrested, he asked the undercover agent posing as a drug dealer to murder the admin. Investigators staged the torture and killing and sent photos of what they said was the corpse to Ulbricht. Ultimately, these questionable tactics led to Ulbricht’s own arrest.
Though the terms dark web and deep web are often used interchangeably, they are vastly different. The dark web exists on the Tor network (Tor stands for “The Onion Router”) and can only be accessed with a special browser, most commonly the Tor browser. 42
The media immediately picked up on such an exciting topic. The dark web was known for facilitating illegal activity, including money laundering, drug sales, and even murder. The appeal of the secrecy and mystery behind the dark web led to many articles and news reports; unfortunately, this coverage also propagated a lot of misinformation.
The Dark Web Explained The dark web is one of many layers of the Internet, and a lot of terms are associated with this subject. The surface web, also known as the open or clear web, is the part of the Internet we are the most familiar with. It refers to all the websites that are automatically indexed by search engines, which makes them relatively easy to access. Despite being the most well-known part of the Internet, the surface web makes up less than five percent of the Internet. The deep web, or invisible or hidden web, makes up the largest portion of the Internet—between 92 and 96 percent. It is an online repository of back-end information and includes financial transactions, public records, medical records, and password-protected sites. Deep web addresses consist of a random string of alphanumeric characters, and these websites are encrypted but still accessible using a regular Internet browser. This content is not automatically indexed, so it is a lot harder to find information on your own. Many services exist to help law enforcement and other investigators access the deep web, such as TLO and Accurint, a LexisNexis service. Though the terms dark web and deep web are often used interchangeably, they are vastly different. The dark web exists on the Tor network (Tor stands for “The Onion Router”) and can only be accessed with a special browser, most commonly the Tor browser. Tor was designed to be safe, not fast, so it is much slower compared to the Internet we are used to. It is important to remember that the Tor network is a JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
service that is independent of the Tor browser, which is simply a tool to access this network. Like the deep web, the URLs are composed of random alphanumeric characters, but with most often the top-level domain (TLD) of .onion for anonymous sites or .onion.to for non-anonymous sites. Tor sites are sometimes referred to as Tor hidden services, onion sites, or simply onions. The very common misconception is that the dark web and the deep web are the same; in fact, though their web addresses seem similar, it is the .onion top-level domain that indicates a dark web site and requires a special browser to be accessed. The dark web’s primary purpose is anonymity, not illicit activity. People use the dark web when they want to protect their identities, for whatever reason. Tor was developed in the 1990s by the United States Naval Research Center as a military-grade application designed to help clandestine operators protect their identities while transferring information. The dark web uses a relay methodology to hide a user’s identity behind three proxy layers. Each relay has its own geographical location, which makes it very difficult to trace a user. One of the weaknesses of this system became apparent soon enough: although foreign hackers could not identify the specific users on Tor, they could be sure that they were all US government agents, since no other government was on the dark web. The federal government resolved this issue by making the dark web available to the public in the early 2000s; by increasing the number of users on the dark web, it became significantly more difficult for foreign governments to identify US clandestine agents and operations. The Internet Frontier Foundation, which is largely funded by the federal government, picked it up and continued to develop the code. In 2006, they officially announced the Tor project to the public and made the Tor browser available for use. Today’s dark web is a versatile tool, which is what led to the creation of
UNRAVELING THE MYSTERY OF THE DARK WEB online black markets such as Silk Road and AlphaBay, which was shut down in 2017. Though Ulbricht claimed to have founded Silk Road based on the libertarian ideal of a completely free market, Silk Road was best known as a platform for selling illegal drugs. The FBI investigation and subsequent shutdown of Silk Road gained global attention. The story of Silk Road’s rise and fall essentially drove the dark web to become what it is today: a hotbed of online black markets. These “cryptomarkets,” along with copycat sites that began appearing after people learned about how lucrative this business was, typically look like any other online marketplace, like eBay. The sites have usernames and verified sellers, even customer feedback and seller ratings and reviews. Users can track their orders and interact with customer service agents, just like they can with any other online retailer. Setting up a cryptomarket does not require a high degree of technological experience. Like e-commerce sites on the surface web, templates exist for dark web sites as well, which means that anyone can easily start selling on the dark web. These sites even sort illicit goods into categories such as fraud, drugs, counterfeit items, weapons, software and malware, stolen credit card and financial information, and stolen personal identifying information, which often have specific search controls to allow potential buyers to search the listings by location, social security number, birth year, credit limit, and much more. After his arrest in 2013, Ulbricht was convicted of money laundering, computer hacking, conspiracy to traffic fraudulent identity documents, and conspiracy to traffic narcotics by means of the Internet. He is currently serving two life sentences without the possibility of parole. Many people have criticized the FBI for its dubious methods of investigating and arresting Ulbricht, even going as far as to accuse the FBI of entrapment. However, Ulbricht was clearly guilty of his
crimes. Despite having created Silk Road with possibly good intent, he eventually got caught up in the greed of monetizing the platform, which is what actually led to his arrest. Unlike Ulbricht, the founder of AlphaBay, Alexandre Cazes, created his online black market in 2014 with the specific goal of creating the “largest eBay-style underworld marketplace,” a claim he made on the AlphaBay website. Through AlphaBay, Cazes made over $23 million in revenue and lived in luxury in Thailand where he owned many mansions and even had multiple wives. He was arrested in 2017 and found dead of apparent suicide in his jail cell in Thailand days later. AlphaBay was officially shut down a few days later.
How People Pay on the Dark Web The leading form of payment on the dark web is cryptocurrency, with Bitcoin being the most common type of cryptocurrency exchanged. Cryptocurrency is a digital currency, where transactions are recording on a public ledger, usually a blockchain, and every process is protected by cryptography, which is simply the practice of secure communication. People on the dark web use cryptocurrency because it is decentralized, digital, and almost completely anonymous. No banks or governments can control cryptocurrency. Instead, cryptocurrency is controlled by its users and a blockchain to maintain its integrity. As a digital currency, cryptocurrency can be instantly exchanged online without needing a physical representation of its value, such as paper money. Cryptocurrency is a pseudo-anonymous system. Although it is impossible to trace transactions back to their senders or recipients because the blockchain only has a record of each user’s public identity, you could theoretically find out a user’s identity if you had the private key to their account. When users purchase goods on the dark web, such as drugs, they usually
transfer cryptocurrency to be stored in escrow, just like someone does when they buy a house. The cryptocurrency sits in escrow until the buyer confirms they have received their order. This prevents sellers from ripping off buyers. However, sellers on the dark web don’t often try to rip people off. To them, the dark web is simply another method of delivery for products they have already been selling. Though they are criminals, these sellers operate just like typical businesspeople. They are motivated by money, which is what keeps them honest. This incentivizes them to sell high-quality products and provide good customer service in order to entice buyers to return. Sellers on the dark web provide customer support the same way as many other e-commerce retailers by
These “cryptomarkets,” along with copycat sites that began appearing after people learned about how lucrative this business was, typically look like any other online marketplace, like eBay. The sites have usernames and verified sellers, even customer feedback and seller ratings and reviews. 43
LP MAGAZINE
|
JULY–AUGUST 2019
UNRAVELING THE MYSTERY OF THE DARK WEB
Even with your company’s measures to protect itself from cyber crime, as a security professional, sometimes you feel the need to do more. Though only a very small portion of the Internet is on the dark web, you still might find it helpful to use the dark web when conducting investigations. contracting overseas customer service call centers. These call centers, often located in countries like Romania and India, are simply providing a service, whether they are doing so for a legitimate retailer or for someone on the dark web who sells drugs.
The Dark Web and Retail Asset Protection How does all this secretive and potentially illegal activity relate to retail? The dark web is where people go when they want to learn about something or communicate without others knowing who they are. Although drugs are the most common illegal commodity found on the dark web, there are more immediate threats for private retailers—stolen credentials, stolen credit card information, counterfeit merchandise, and hacking tools, just to name a few. Criminals can even use the dark web to learn about company security policies, which stores are best to steal from, and which EAS tags a company uses, so they can learn how to defeat them.
44
Because the dark web is primarily used for secure communication, it can facilitate organized retail crime planning, research, and discussion. People can also use the dark web for hacking as a service (HaaS), where a hired hacker serves as a contractor. Some of the services offered in hacking as a service include gaining access to another person’s social media accounts, denial of service (DoS) and distributed denial of service (DDoS) attacks on websites, network infrastructure attacks to bring down communications, and even command and control of a huge botnet army. Hiring a hacker is just as much a crime as hacking itself since inducement to commit a crime is itself a crime under US law. According to a hacking-as-a-service website called “Hire An Hacker,” many hacking-as-a-service websites intentionally use bad English to disguise their identities and make it harder to figure out where they are located. Other hacking services include Facebook account hacking as their most requested service, JULY–AUGUST 2019
|
along with smartphone hacking, backdoor computer access, database modification hacking for websites, and even a way to fix one’s credit score. Service costs start at $350 for “easier” jobs, such as email account hacking, and can go up to nearly $2,000 to hire someone to deface or even completely delete a website. Hackers can also facilitate identity and credit card fraud by stealing this information and selling it on the dark web. In 2016, credit card fraud totaled $24 billion in losses, half of which affected cardholders in the United States. In April 2017, the then-unidentified group called the Shadow Brokers published a collection of the National Security Agency’s (NSA) most coveted hacking tools, including ways of exploiting most versions of Microsoft Windows, allowing essentially anyone to download cyber weapons. The authors of the WannaCry ransomware attack, a worldwide cyber attack in May 2017 that encrypted users’ data and held it for ransom in exchange for Bitcoin payments, used the EternalBlue exploit originally developed by the NSA and later released by the Shadow Brokers. The Shadow Brokers also offered a subscription service for the latest hacking malware for tens of thousands of dollars a month. Some dark web users believe they are impossible to trace, so they will keep the same usernames they employ on the surface web. This makes investigators’ jobs a lot easier. Furthermore, because the dark web is not automatically indexed, criminals must advertise their products and services. There are even directories for providers of illicit services. Forums, both on the surface web and the dark web, discuss the relative merits of various dark web marketplaces and services. All this makes it surprisingly easy for investigators to locate bad actors. On the other hand, investigative targets can be tough to pin down because dark web sites come and go quickly. They must constantly adapt to changing circumstances,
LOSSPREVENTIONMEDIA.COM
UNRAVELING THE MYSTERY OF THE DARK WEB like pressure from competitors or law enforcement activity. When these illicit marketplaces gain visibility, their operators often simply move outside the United States. In fact, most of the most prolific fraud sites technically exist on the surface web and often don’t bother with the dark web. They use top-level domains based in countries with lax fraud policies, such as Samoa (.ws), Cameroon (.cm), Cocos Islands (.cc), or Oman (.om).
Protecting Yourself from Cyber Crime Fighting back against cyber crime is really a war, and as in any war, you need to have a strategy. It is important to prepare a plan for deterring cyber crime and responding to an attack. This can make all the difference between a minor incident and a major financial and public relations nightmare. Understand your company’s information systems. Use data
inventory and data mapping to gain a thorough understanding of what you are trying to protect. Include all the obscure data sources that are easy to overlook. Classify the data. Some information is highly sensitive and valuable, while other information is not. You must create a clear process for distinguishing the various level of information sensitivity. Create clear guidelines for data access. Not every employee needs to have access to all the information in a company. Structure this access based on need. Secure the data. Use encryption and passwords to protect your information, regardless of its level of sensitivity. Define cyber crime clearly, so everyone understands. All employees must be aware of current threats and issues, including those affecting the company’s customers. What reaches them could eventually reach you, so if they understand and report cyber
Fighting back against cyber crime is really a war, and as in any war, you need to have a strategy. It is important to prepare a plan for deterring cyber crime and responding to an attack. This can make all the difference between a minor incident and a major financial and public relations nightmare.
Retail Loss
Prevention
Real-time analytics and matching at the rate of 1.1M images per second. Fully - integrated 'No-trespass' script and audio recording feature. Automatically embed recordings into mugshots, making proof-of-action and future access a snap.
James Brown observe
Built-in search feature.
Integrate with compatible existing eye-in-the-sky camera systems. Integrate any third party or existing data base of mugshots.
Join forces with BlueWave Technologies and achieve the highest level of operations and results in the industry with our patent-pending, secure and scalable solution called FaceScope™.
5 visits across 3 locations. Last visit: 10 days ago. Prior shoplifting conviction - Organized Retail Crime (ORC) - see more details
P o w e r e d
b y
www.bluwavetek.com
800-636-1428 45 LP MAGAZINE
|
JULY–AUGUST 2019
UNRAVELING THE MYSTERY OF THE DARK WEB crime early on, you can respond much more quickly.
Conducting Investigations on the Dark Web Even with your company’s measures to protect itself from cyber crime, as a security professional, sometimes you feel the need to do more. Though only a very small portion of the Internet is on the dark web, you still might find it helpful to use the dark web when conducting investigations. Below is a how-to guide for searching the dark web. Search for dark web URLs on a regular search engine. Even though the dark web is generally not indexed, it is possible to use a search engine to see what non-anonymous dark web sites exist. Use the search term
With the prolific amount of illicit material already available on the surface web, bad operators often find it unnecessary to resort to the dark web. In fact, a 2015 British study found seventy-nine active child pornography sites on the dark web—but 78,000 sites on the surface web. 46
[something illegal] inurl:.onion.to. For example, you can use this tip to see if dark web sites have shoplifting master lists for specific retailers or how-to guides for defeating various types of EAS tags. The caveat is that this method will only capture a very small amount of the information. It’s a quick and simple trick and will yield less that 5 percent of what is actually available on the dark web. Check your company policy before starting an investigation on the dark web. Although using the dark web is completely legal, many companies have strict policies against it. Use a computer dedicated for searching the dark web. An even greater risk is that bad actors could discover your information and access your system, so you do not want to put your personal or work computer at risk. Instead, buy a cheap computer for this specific purpose. Download the Tor browser. The Tor browser is the most common way to access the Tor network. Other browsers and methods are available, but the Tor browser is the most secure way to date. Connect to the dark web using a virtual private network (VPN). A VPN adds another layer of anonymity and prevents third parties from seeing your web traffic. Instead of using your home or work network, connect to a VPN while conducting your investigations on the dark web. Do not use a VPN provided by your workplace, as this defeats the purpose of protecting your work from any potential attacks. Create a new email address for the dark web. Once you are logged into the Tor network, create a new email address that you will only use on the dark web. Do not log in with any other email addresses. Do not use any identifiable or personal information. Do not use your real name, photos, previous usernames or even passwords you have used before on the surface web. This will put you at risk of being JULY–AUGUST 2019
|
traced back to your personal or work accounts. Do not download content from the dark web. If you want to save content you need for an investigation, use the screen capture tool or a screen recording software. If you feel it is necessary, work with a technical expert or download content into a “sandbox,” a virtual space isolated from the rest of your computer to protect it from any possible malware.
Myths and Misconceptions People often associate the dark web with weapons, drugs, human trafficking, and child pornography. But a 2016 study by Terbium Labs showed that only 47.7 percent of .onion domains hosted illegal activity. And with the prolific amount of illicit material already available on the surface web, bad operators often find it unnecessary to resort to the dark web. In fact, a 2015 British study found seventy-nine active child pornography sites on the dark web—but 78,000 sites on the surface web. There are many fabricated stories about the dark web, often created and spread by the media and most of which are untrue or simply impossible. Below is a list of the most common myths and misconceptions and why they are not true Myth: It is illegal to access the dark web. Accessing the dark web is completely legal. Furthermore, the content of the dark web is mostly legal—over 50 percent of the dark web does not contain illegal or illicit content. Some people fear that searching the dark web will bring law enforcement knocking at your door. That’s what criminals are worried about. As a retail security professional, your only concerns should be the bad guys themselves. Myth: The dark web is only for criminals. The dark web was made for anonymous, not illegal, activity. That means that many dark web users just want to research or communicate without revealing their identities. These users can range from citizens of countries with strict Internet
LOSSPREVENTIONMEDIA.COM
UNRAVELING THE MYSTERY OF THE DARK WEB earlier. This means you have to actively look for sites on the dark web. It is impossible to “accidentally” come across criminal content. That can only happen if you are seeking it out. Myth: “Red rooms” are everywhere. Red rooms refer to the supposed websites where people live stream themselves mutilating or even murdering someone for “entertainment.” However, they are mostly urban legend when it comes to the dark web. The Tor network is too slow to stream live video. If red rooms do exist, they would be found on the surface web, and it is highly unlikely that you would find one.
A New Tool
Accessing the dark web is completely legal. Furthermore, the content of the dark web is mostly legal—over 50 percent of the dark web does not contain illegal or illicit content. censorship laws who want to read the news to protestors who are fighting against oppressive governments to LGBT citizens of a country where homosexuality is illegal. Licensed physicians even post free drug-related advice on forums. They know drug addicts are less likely to seek out medical advice on their own, which means health care professionals need to go out and find them on their own. Myth: Terrorists use the dark web to communicate. Though terrorists could easily use the dark web to communicate with one another, there are many other encrypted forms of communication that are more easily accessible. They typically use popular messaging platforms such as WhatsApp, Signal, and Telegram, which are more accessible and exist on multiple platforms such as smartphones. Myth: The dark web is where mass shooters buy weapons. This is
not an issue of concern in the United States, where someone can purchase a military-grade assault rifle at a gun show much more easily. However, the person who killed nine people and injured twenty-one others in Germany in July 2016 bought his gun from the dark web since firearm laws are much stricter in Europe. German police were able to discover his use of the dark web via two separate investigations into other attempts to use the dark web to obtain weapons. Myth: You will be hacked if you go on the dark web. If you use the same safe Internet practices you use on the surface web—don’t share your personal information and don’t download content from an untrusted source—then you will not be hacked on the dark web. Myth: You can “stumble” upon scary sites. The dark web is part of the deep web, which is not automatically indexed, as explained
The dark web has a mysterious and dangerous reputation and a very colorful history. However, it is actually a simple concept to understand and use in your work. Like any investigations, you need the right tools, a clear idea of what you are looking for, and a healthy level of caution to protect yourself and your organization. With a solid understanding of the dark web in mind, you can use this new tool to your advantage and discover potential threats before they come actual attacks against your company. TOM MEEHAN, CFI, is retail technology editor for LP Magazine as well as chief strategy officer and chief information security officer for CONTROLTEK. Previously, Meehan was director of technology and investigations with Bloomingdale’s, where he was responsible for physical security, internal investigations, systems, and data analytics. He currently serves as the chair of the Loss Prevention Research Council’s (LPRC) innovations working group. Meehan recently published his first book titled Evolution of Retail Asset Protection: Protecting Your Profit in a Digital Age. He can be reached at TomM@LPportal.com.
47 LP MAGAZINE
|
JULY–AUGUST 2019
ASK THE EXPERT
Sponsored Content
Interview with Mary Pifer Pifer is vice president of global marketing and product management for 3SI, a technology company providing security systems for asset protection and recovery, including GPS tracking. She has over thirty years of experience in the security business.
Things to Consider When Adding GPS to Your Security Arsenal
U
se of various technologies to alert and track stolen merchandise is under consideration by retailers. GPS tracking is one option that has created buzz in the industry. We asked someone with experience with this technology to provide some insights for those considering GPS tracking as a possible solution to recovering stolen merchandise and potentially preventing robbery from retail stores.
employee involvement, notifies authorities while the event is in progress, and reduces the likelihood of a violent confrontation. As with most technologies, the lack of human interaction and manipulation increases the device’s success rate.
How is GPS tracking implemented? Is it visible or covert? The whole idea of using GPS to catch criminals and recover assets is that the criminals unknowingly steal the device. That only works if the device is undetectable. Look for solutions that either mimic or can be hidden in high-demand items. Using GPS to secure assets with higher theft rates increases the chances of recovery, arrest, and criminal prosecution. How is the technology activated? The device should automatically and silently detect theft and begin reporting. This is key as it eliminates
JULY–AUGUST 2019
How does the device communicate? GPS devices typically use cellular networks to report their location. Users should be sure to choose devices that are 4G/5G compatible, so they will last well into the future. This will help to reduce future replacement costs. What are some other things to consider during the selection and deployment process? There are a number of questions I would suggest someone ask during the assessment and selection of GPS tracking technology. ■ Is it easy to use and maintain? ■ Is the device self-reporting to ensure reliability? ■ Does it provide data that can be used forensically after the crime to help law enforcement secure a conviction? ■ How many devices should be used for maximum effectiveness in whatever application someone is considering? ■ Where should the devices be placed within the store? ■ What types of crime is the retailer wanting to target?
Adding a tracking and monitoring solution to an existing security program can provide real-time visibility and data. As the retail application of GPS tracking continues to grow, it has proven itself to be an ally in the fight against organized retail crime and burglary. As more retailers embrace the technology, it will potentially become an essential tool in the loss prevention industry. 48
Who receives the alert from the tracking device? The device should link directly to a security company monitoring center or law enforcement to improve response time and, therefore, increase the likelihood of an arrest. It also keeps staff and customers safe by getting the criminals out of the store and into the hands of professionals.
What are your thoughts on the short- and long-term benefit of GPS tracking? Adding a tracking and monitoring solution to an existing security program can provide real-time visibility and data. As the retail application of GPS tracking continues to grow, it has proven itself to be an ally in the fight against organized retail crime and burglary. As more retailers embrace the technology, it will continue to grow as an essential tool in the loss prevention industry.
|
LOSSPREVENTIONMEDIA.COM
C-SUITE & SENIOR LEVEL EXECUTIVES ONLY
CYBER SECURITY SUMMIT 2019
PROTECT YOUR BUSINESS FROM CYBER ATTACKS F REE ADMISSION
INTERACTIVE PANELS
RANSOMWARE
Use Code: LPMAG2019 for FREE Admission. (Standard Admission: $350)
To Pay or Not To Pay That is the Question!
Register Now at CyberSummitUSA.com »
INSIDER THREAT 6 CPE CREDITS
Full day attendance earns 6 credits following the Summit
REMAINING 2019 CYBER SECURITY SUMMITS Chicago, IL - August 27 Charlotte, NC - September 17 New York, NY - October 3 Scottsdale, AZ - October 17
Boston, MA - November 6 Houston, TX - November 21 Los Angeles, CA - December 5
THOUGHT LEADERS INCLUDE
Kory Bakken
Supervisory Special Agent, Criminal Cyber Squad FBI Chicago
David Cass CISO IBM
David Hogue
Sivan Tehila
Protect Your Enterprise from the Human Element ORCHESTRATION
CISO & Sr. Leadership’s Best Approach to Cyber Defense CLOUD INSECURITY
John Artman
Vice President, Technical Director Director of Solution Enterprise Resilience NSA, Cybersecurity Architecture Threat Operations Mastercard Perimeter 81 Center
Common Pitfalls that Organizations Make when Moving to the Cloud and How to Avoid Them INCIDENT RESPONSE
What to do Before, During, and After a Breach Steve Gold
Vice President of Cybersecurity Solutions Center for Internet Security
David Grady
Principal Client Partner Verizon Secuity Solutions
Aditya Balapure
Team Lead, Information Security GrubHub
Justin Fier
Director of Cyber Intelligence & Analytics Darktrace
Kurt Van Etten SVP, Security Strategy RedSeal
C-Suite Executives, Directors, Managers, and other Sr. Level IT Professionals ONLY are permitted to register. Students and Sales/Marketing Professionals will not be admitted.
CyberSummitUSA.com
To Speak or Exhibit at a future Summit, contact: MHutton@CyberSummitUSA.com
FUTURE OF LP By Tom Meehan, CFI
New Book on the Evolution of Retail Asset Protection
Meehan is retail technology editor for LP Magazine as well as chief strategy officer and chief information security officer for CONTROLTEK. Previously, Meehan was director of technology and investigations with Bloomingdale’s, where he was responsible for physical security, internal investigations, systems and data analytics. He currently serves as the chair of the Loss Prevention Research Council’s (LPRC) innovations working group. Meehan recently published is first book titled Evolution of Retail Asset Protection: Protecting Your Profit in a Digital Age. He can be reached at TomM@LPportal.com.
EDITOR’S NOTE: Tom Meehan, CFI, recently completed his first book-length publication titled Evolution of Retail Asset Protection: Protecting Your Profit in a Digital Age. The book is available from Amazon or Barnes & Noble. Meehan has been working in retail information technology and loss prevention roles for over twenty years. He became a contributing writer to LP Magazine in 2015 and was named retail technology editor in 2018. His Future of LP columns run in each issue of the print magazine and are published along with others of his articles on the magazine’s website. Following is our discussion about the book. – Jack Trlica, LPM Managing Editor
TRLICA: You and I talked about your writing for the magazine several years ago. When and why did you begin thinking about sharing your thoughts with the industry? MEEHAN: I thought about writing for several years before we started talking about it. I would always read something and think, “How do you get started writing?” When we first spoke about writing, my first thought was, “I am not a writer.” I had many ideas of what I could write about but struggled with how I could share them. I appreciate your encouragement and help getting me started. I am also fortunate to have worked for progressive leaders and companies that helped challenge my curiosity and encouraged me to turn it into action. TRLICA: I’ve been impressed with the variety of topics you address in your articles for the magazine. How have you become so conversant on such a wide range of topics? MEEHAN: I am a bit of a transplant—an IT person who fell in love with the loss prevention and asset protection world. I believe in the “never stop learning” philosophy of professional growth. I read a lot to help stay current. My goal is to read a book every week, along with various industry publications. I am also very involved in our industry, both attending and speaking at conferences. If I had one recommendation for my peers, it’s to consume more information in whatever way possible. If you don’t like to read or don’t have the time, you can listen to audiobooks or watch videos. TRLICA: What made you decide to publish a book on the evolution of loss prevention? MEEHAN: Today’s asset protection professionals live in a different world than we did even five years ago. In the past twenty years, email, smartphones, social media, online
50
JULY–AUGUST 2019
|
shopping, and big data have evolved fast and furious. I wanted to write a little about these technological evolutions. But oftentimes I think data and technology are considered the solution to everything, and the people component gets missed, so it was important that the human element remain a central part of my book.
TRLICA: What do you hope readers will take away from your book? MEEHAN: I hope to encourage people to think bigger. We are in a rapidly changing environment with a lot of outdated policies, laws, and definitions. We turn to technology as a fix-all when the human element of AP is very real. I don’t want to change anyone’s point of view, but instead I hope to help them look and think differently than we have in the past. TRLICA: What’s next for you in your writing career? MEEHAN: I hope to continue to write for the magazine. This first book just scratches the surface on where our industry is going. I would love to write another book about negations and how it relates to interview and interrogation, or about my international travels and how LP differs around the world.
Evolution of Retail Asset Protection: Table of Contents Overview Thinking Outside the Box Precision LP Total Retail Loss Crime in Retail Shoplifting Organized Retail Crime Violence Working with Law Enforcement Cybercrime in Retail Internal Theft Interviews and Interrogations Technology and Data Big Data and Analytics Keeping Score Social Media Monitoring and OSINT Innovation and Technology Conclusion
LOSSPREVENTIONMEDIA.COM
FEATURE
BIOMETRICS RETAIL’S BEST KEPT SECRET By Gene Smith, LPC
BIOMETRICS: RETAIL'S BEST KEPT SECRET
A
s the digitalization of retail increases and becomes the new normal, retailers are being forced to adapt and respond to this new business model—or face a dismal and shrinking future. Forward-thinking companies are reimagining what it means to be a brick-and-mortar retailer, inventing new ways to attract customers to their stores while engaging in-store customer experiences and near real-time delivery of product. All these innovations are designed to create a memorable experience so that the customer wants to return. More than ever, this digitalization has placed IT departments in the limelight as strategic partners in reinventing retail and driving revenue. However, the “opportunity” to transform retail is fraught with
52
Simply put, biometrics are any metrics that derive data from the features of a human that uniquely identify that person. Fingerprints, palm prints, eyes (retina and iris scans), faces, handwriting, voices, and DNA are some examples—with fingerprint biometrics being the most frequently used. danger. Retail has traditionally been a fairly risk-averse sector, and the huge investment in technology and systems required to compete in today’s market is an uncomfortable reality. Retailers are challenged to make these IT investments fast enough to remain competitive. Added to their concerns is the very real possibility that they JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
might not achieve the desired results, or that these seemingly open-ended investments might coincide with an economic slowdown. The truth is that revenue expansion—or, at the very least, preservation—is a critical part of the profitability equation. Another part is loss prevention and asset protection,
BIOMETRICS: RETAIL'S BEST KEPT SECRET
which has become a major contributor. Indeed, an increasing C-suite expectation is for loss prevention to become a key partner in enhancing the customer experience and contributing to bottom-line profit. The new loss prevention metric for success is built on how much an organization can enhance profits. In many instances, traditional loss prevention departments have evolved from “loss prevention” to “asset protection” and now to “asset and profit protection.”
The Problem Retail continues to be plagued by shrink, which is a critical metric of whether many retailers have a good or bad year. According to the 2018 National Retail Security Survey (NRSS), shrink took a $46.8 billion bite out of the US retail economy in 2017. It
is no longer acceptable just to beat the shrinkage goal. The new norm, dictated by the C-suite, is by how much an organization can beat the goal. As shrinkage reduction programs continue to challenge loss prevention professionals, the emerging technologies and programs used to combat theft (both internal and external) have also become more sophisticated. This increase in sophistication is just one reason why the educational needs of the profession are changing and have led to the creation of such resources as the Loss Prevention Foundation, its certification courses LPQualified and LPCertified, and the Loss Prevention Research Council. The danger and cost associated with making any external apprehension, the strain placed on criminal justice resources, and the exposure to adverse litigation all continue to make many leaders question whether they should be making external apprehensions. Even alternative shoplifter programs, which is only one element of the external issue, have been challenged, questioned, and abandoned. The traditional civil recovery approach, as regulated by state statutes, still seems to be a highly effective post-apprehension program for many retailers. According to the Jack L. Hayes International 29th Annual Retail Theft Survey, only 7.8 percent of total retail theft losses resulted in recovery. So how cost effective are the industry’s internal and external apprehension efforts? Based on these grim facts, retailers who rely too much on after-the-fact detection and apprehension are fighting a losing battle. It has never been truer that you cannot apprehend and prosecute your way to a good shrink result, especially as retailers continue to grapple with the risks and costs associated with injury to customers and employees when attempting the recovery of stolen merchandise. Employee dishonesty still accounts for 33 percent of total losses, according to the 2017 NRSS, and many believe that point of sale (POS) presents an easy opportunity to decrease these losses. Employee
theft is actually one of the easiest loss components to be addressed. Since so many incidents occur in confined and controlled areas, it is easier to focus on these areas than on an entire store, as shoplifting requires. Unfortunately, many professionals rely on traditional programs and policies that have limited impact. There is, however, a ray of hope. One technology has proven to be highly effective in both preventing employee theft and improving operational efficiencies—biometrics.
What Are Biometrics? Simply put, biometrics are any metrics that derive data from the features of a human that uniquely identify that person. Fingerprints, palm prints, eyes (retina and iris scans), faces, handwriting, voices, and DNA are some examples—with fingerprint biometrics being the most frequently used. Implementation into our smart phones and other technology devices has made fingerprint recognition very common. In fact, it has quickly become the most secure and convenient method to replace passwords, pins, swipe cards, and keys—traditional authentication credentials that can easily be shared or stolen. When confronted with evidence of theft utilizing these outdated credentials, employees can simply say, “Someone must have stolen my password.” In other words, it is incumbent on the retailer to prove culpability in these cases. Many readers have probably noticed and experienced the CLEAR difference at many airports and large professional sports entertainment facilities. Even when a traveler has TSA Precheck or Global Entry, CLEAR helps get through screening even faster—by verifying their identity, so they can walk right up to the security bins. CLEAR uses biometrics—a person’s fingerprints and eyes—to confirm identity. Even rental car agencies such as Hertz Fast Lane are using this technology to speed up service. Other industries such as health care, travel, and government have been using fingerprint biometrics for years,
53 LP MAGAZINE
|
JULY–AUGUST 2019
BIOMETRICS: RETAIL'S BEST KEPT SECRET
Fingerprint scan
and now the technology is gaining tremendous traction in retail. Biometrics are very compatible with most retail technology systems and have an attractive ROI, thus contributing easily to the bottom line. Further, biometrics have become a safe and proven technology, providing an easy win for organizations, especially important as these organizations are dealing with the risks and complexities of retooling their infrastructures for new models such as omnichannel.
How Do Fingerprint Biometrics Work? Instead of using something you have (like a key) or something you know (like a password), fingerprint biometrics use the physical characteristics of your fingerprints to identify and authenticate you. There are two separate stages involved in using a fingerprint biometric system: ■ Enrollment. During enrollment, a person’s fingerprint is scanned to identify their unique attributes, such as where ridges converge or separate. These unique attributes,
54
Mapping unique biometric features
Extracting unique biometric features
■
called minutiae, are then stored in a mathematical abstraction called a template. Commercial fingerprint biometric systems don’t store actual fingerprint images; rather, they only store a representative binary code. This code is used in the next step, verification. Verification. In this step, a person’s fingerprint is again scanned to extract the data points of their unique minutiae when they touch a fingerprint reader. These minutiae are then compared to those in the stored template. If they match, the person’s identity is verified. The whole verification process takes just a few hundred milliseconds and delivers highly accurate matching results.
The Solution It is well known that point-of-sale (POS) terminals have become a critical focal point for controlling retail businesses. The challenge is that these systems have also created more opportunities for employee theft. In fact, the systems themselves have JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
The biometric template: a binary representation of unique features
become easy targets for theft and fraud since so many financial transactions flow through them, including payroll record keeping. While our industry has focused much on “after-the-theft” solutions by creating sophisticated exception reporting, video analytics, and more, many retailers have simply neglected preventing and eliminating the opportunities for theft in the first place.
Why Should Retailers Consider Using Biometrics? Biometric technology is one of the quickest, easiest, and most cost-effective ways that retailers can prevent theft at the POS. It has an incredible ROI, and results are seen quickly. Fingerprint authentication has become easier to implement because it interfaces seamlessly with almost every retail technology currently being used. If it doesn’t immediately interface, it is relatively easy to make modifications so that it will. Biometric technology also: ■ Reduces Losses. It is one of the quickest and most cost-effective ways
BIOMETRICS: RETAIL'S BEST KEPT SECRET
■
■
■
to significantly prevent and reduce employee theft losses at the POS by deterring employee theft. Eliminates Time and Attendance Fraud. When employees are required to use their fingerprints to clock in and out, they must be physically present to punch in, and “buddy punching” is eliminated. Further, the peer pressure and resentment that oftentimes exist in an environment where buddy punching is rampant disappears as well. Improves Operational Efficiencies. No fumbling with or forgetting PINs and passwords. Customers are served more quickly and are happier with the in-store experience because transaction times are greatly improved. Employees simply touch the fingerprint reader to login to the POS terminal. Reduces Operational Costs. Expenses are eliminated by not having to replace worn-out or lost swipe cards or recover forgotten passwords and PINs, which require
■
■
costly helpdesk calls to reset. Fingerprint biometrics simply don’t have these expenses. Holds Employee Accountable. Fingerprint biometrics provide proof of presence, which irrefutably links individuals to their transactions. Employees are held accountable: they cannot pretend to be someone else or share their credentials. Fingerprint biometrics also ensure that managers follow operational procedures: they cannot delegate their authority to approve overrides and discounts to employees. Eliminates Employee Turnover Costs. Since thefts at the POS are eliminated, so are the costs associated with investigating, apprehending, terminating, and prosecuting dishonest employees. The costs of recruiting, hiring, training, and waiting for new employees to become as proficient as the tenured employees are also lessened, impacting bottom-line profitability in a positive way.
These unique attributes, called minutiae, are then stored in a mathematical abstraction called a template. Commercial fingerprint biometric systems don’t store actual fingerprint images; rather, they only store a representative binary code.
BIOMETRICS AT THE POINT OF SALE
Eliminates Buddy Punching Prevents Unauthorized Overrides Deters Theft Through Accountability Speeds Transactions
Visit HID at the 40th Annual RLPSA Conference, Booth #813 In September 2018, HID Global acquired Crossmatch, becoming one of the world’s major providers of fingerprint biometric technologies. Under the HID Global brand, our customers will continue to have access to the quality DigitalPersona fingerprint biometric products they have come to know and trust. Powering Trusted Identities
|
Visit us at hidglobal.com/crossmatch
© 2019 HID Global Corporation/ASSA ABLOY AB. All rights reserved. HID, HID Global, the HID Blue Brick logo, and the Chain Design are trademarks or registered trademarks of HID Global or its licensor(s)/supplier(s) in the US and other countries and may not be used without permission.
55 LP MAGAZINE
|
JULY–AUGUST 2019
BIOMETRICS: RETAIL'S BEST KEPT SECRET
The fact is that handling biometric data is no different than handling other sensitive personal information for which most organizations already have policies and procedures. It boils down to getting informed consent and establishing data management policies. ■
■
56
Improves Safety During a Robbery. Fingerprint biometrics reduce the risk of serious injury or death during robberies. When under extreme stress, employees can forget their passwords. Fingerprint biometrics allow employees to appease a thief more quickly, keeping employees and customers safer. Viewed as a Profit Enhancer. When all of the operational benefits of biometric technology are conveyed to senior leadership, it’s easy to demonstrate that loss
prevention is taking a savvy approach to improving profitability. Traditional loss prevention methodologies tend to be viewed by senior leadership as underperforming. The addition of biometric technologies to any loss prevention strategy elevates it to a true business partner by improving the bottom line.
Privacy Concerns Fingerprint biometrics extract data points from a fingerprint image that cannot be used anywhere outside JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
the system. Fingerprint images are not stored, so privacy concerns over the use of biometric data can be addressed quite easily. The fact is that handling biometric data is no different than handling other sensitive personal information for which most organizations already have policies and procedures. It boils down to getting informed consent and establishing data management policies. Organizations can reap the benefits of biometrics while maintaining the privacy of individuals if they do four basic things: ■ Inform the person in writing that their biometric identifier is being collected. ■ Inform the person in writing of the specific purpose and length of term for which their biometric information is being collected, stored, and used. ■ Inform the person in writing how and when their biometric information will be destroyed. ■ Receive a written release executed by the person.
BIOMETRICS: RETAIL'S BEST KEPT SECRET
How are Fingerprint Biometrics Being Used in Retail? Pharmacy/Drug Stores. Standalone pharmacies and those within other stores are using fingerprint biometrics to control the workflow process of filling prescriptions. Errors in filling prescriptions have a very costly impact, causing serious injury and even death. Retail pharmacy operations have discovered the benefits of having every step in the process documented and verified using fingerprint biometrics. Each time an employee completes their part of the process, they swipe their fingerprint before passing it on to the next person. That person must verify what the previous person did before they can complete their step. Once verified, they complete their part, swipe their print, and pass it on until the prescription is given to the customer and payment is received. Fingerprint biometrics have become a great tool in preventing costly errors
by creating a very effective system of checks and balances. General Retail. Many organizations are using biometrics for time and attendance, logging in and out on the POS, and transaction control points—authorizing voids, refunds, and discounts. In addition, many retailers are realizing additional cost savings by eliminating lost-password and log-in difficulties as well as speeding customer service transactions and minimizing unnecessary delays. Home Improvement and Distribution Centers. Controlling who has been properly trained and has the necessary clearance to operate dangerous equipment, such as trash compactors, tow motors, and forklifts, is easily done by implementing fingerprint authentication. Electronics Retailers. Store trade-in programs must comply with certain states’ “pawn shop regulations” that require any retailer operating a trade-in program to fingerprint customers making the trade. This ensures that
police can investigate in cases where traded goods are stolen. Corporate Offices. In order to improve data security, many corporate offices have installed fingerprint biometrics on their company desktop and laptop computers to eliminate sharing, duplicating, or stealing passwords. Fingerprint biometrics have eliminated the defense, “Someone must have used my password to compromise my device.” Restaurant and Quick Service. Biometrics have been utilized in this retail segment quite extensively to control issues involved in a high-volume POS transaction environment, with lots of cash transactions and void activity. Front-end POS employee theft is reduced significantly by eliminating weaknesses not addressed by traditional loss prevention or operational controls. Other cost savings are realized immediately through eliminating the need to replace worn-out or lost swipe cards and forgotten passwords and PINs that require costly help desk support to reset.
57 LP MAGAZINE
|
JULY–AUGUST 2019
BIOMETRICS: RETAIL'S BEST KEPT SECRET
Implementing most loss prevention programs and operational controls normally requires a change in company behavior, which affects workplace culture. Fingerprint authentication is simply the lowest risk, easiest to implement, and most reliable form of biometrics to adopt.
Why Use Fingerprint Biometrics Rather Than Other Forms of Biometrics? Fingerprint biometrics are the easiest type of biometrics to implement from a hardware, software, IT support, and overall cost standpoint. While other biometrics such as facial recognition might be more intriguing, so are the issues surrounding implementation. Store employees, mid-level managers, and senior leaders are often very resistant to new programs and procedures. Implementing most loss prevention programs and operational controls normally requires a change in company behavior, which affects workplace culture. Fingerprint authentication is simply the lowest risk, easiest to implement, and most reliable form of biometrics to adopt. Most employees will already
58
be familiar with it on their own devices. And, success in implementing fingerprint biometrics can be the foundation for gaining credibility and support to move toward other advanced solutions as company needs grow. Fingerprint biometric authentication is being adopted at increasing rates by retailers because it offers so many cost-effective benefits. It is easy to implement, requires minimal IT support, has a very quick ROI, and solves many other issues that lead to employee theft and operational deficiencies at the POS. Furthermore, it tends to support efforts to demonstrate that loss prevention contributes to a good omnichannel strategy, since there are so many operational improvements that directly enhance the customer POS experience. It might just be one of the easiest technologies to implement—and JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
one that will demonstrate an immediate positive impact on business. Fingerprint biometrics should be strongly considered as an integral part of any modern retail loss prevention strategy.
GENE SMITH, LPC, is the former president of the Loss Prevention Foundation where he remains as a board member emeritus. He retired in July 2017 after a long career in loss prevention in management positions with Montgomery Ward, Lazarus Department Stores, Consumers Distributing, Revco Drug Store, and Downing & Downing. The National Retail Federation recognized him as their 2017 inductee into their Ring of Excellence. Smith remains active in the industry as an advisor and career coach to several industry companies and professionals. He can be reached at GeneS@LPportal.com.
EVIDENCE-BASED LP
Developing Prioritized Protective Strategies
by Read Hayes, PhD, CPP Dr. Hayes is director of the Loss Prevention Research Council and coordinator of the Loss Prevention Research Team at the University of Florida. He can be reached at 321-303-6193 or via email at rhayes@lpresearch.org. © 2019 Loss Prevention Research Council
S
tay focused; we hear that a lot. But what should those charged with protecting people and places really fixate on? Criminologist Jerry Ratcliffe stresses law enforcement teams should use the acronym HIPE to provide their operational frameworks and actions necessary guidance and focus. HIPE stands for harm-focused, intelligence-led, problem-oriented, and evidence-based policing. Retailers might also look at this concept in developing prioritized protective strategies. Harm-focused. Data support that HIPE components can provide more precision and impact. So let’s first explore harm-focused. To support an enterprise’s success, asset protection leaders strive to focus their teams on key company process points and success metrics they’re uniquely suited to affect. At the Loss Prevention Research Council (LPRC) and the University of Florida, our teams concentrate research and development on on-shelf availability, quick but secure checkout, and making place-users and their personal information safer and more secure.
We’re all working to convince people not to initiate theft, fraud, or violence. It is easier said than done, but LP exists to enable the retail enterprise in the face of a lot of bad actors.
Problem-oriented. Many will recall our team repeatedly uses the SARA problem-solving method to focus our research efforts and always recommends retailers adopt the simple process to provide a consistent, across-chain protocol. SARA means better problem understanding, leading to more precise solution-set options, and a deployment and outcomes assessment. Problem-solving then includes these important components: 1. Scanning to identify and prioritize recurring problems 2. Analyzing problems using a variety of data sources and perspectives 3. Responding with focused strategies designed and implemented based on your problem analysis 4. Assessing how the treatments were actually deployed and their real-world effects on the identified and defined problem. Evidence-based. The reason the LPRC community includes seventy major retail chains is they’re working together with each other, solution partners, and scientists to gather problem and solution evidence to up their game and results. Research-derived evidence can be used to develop a better understanding of an issue by describing the nature, extent, and possible causes of a problem, or looking at how a change was implemented. It can also be used to assess the effect of a protective intervention by testing the impact of a new initiative in a specific context with pre and post looks, against some control, or exploring the possible consequences of a change in process.
Featured Research on Self-Checkout In other words, leaders should design ways to measure and prioritize actions on processes, places, and people that create the most loss, theft, fraud, and fear of crime harm. The more a loss or crime issue is impacting a key process, the more life-safety risk, the greater a problem’s financial effects, the more harm, and the great the priority it’s given. Some loss events might be more frequent, but actual harm to people and business success drives the fight. Intelligence-led. A powerful adjunct to focusing on a business’s priority problems is using organizational loss and crime event, risk rating, and other data with prolific offender intelligence to tightly focus efforts on the hottest assets, offenders, and places.
60
JULY–AUGUST 2019
|
We’re all working to convince people not to initiate theft, fraud, or violence. It is easier said than done, but LP exists to enable the retail enterprise in the face of a lot of bad actors. To this end, our almost 300 research projects to date are designed to help us understand what’s behind bad behavior and how we might influence those headed our way. Self-serve checkout is here and most likely will remain for a long time to come. This is one of several current or recent projects to help us learn, improve, and adapt to evolving businesses and people. In this study the LPRC team collected data from twenty-four active shoplifting offenders after the installations of small, enhanced LOSSPREVENTIONMEDIA.COM
Please plan to visit our new Ideation and Simulation Lab (ISL) spaces and learn more about our latest initiative called LPRC INNOVATE led by Jordan Burchell.
public-view monitors (ePVMs) at the self-checkout kiosks, large ePVMs above the self-checkout area, in-aisle ePVMs in the seafood, liquor, and health and beauty areas, and ePVMs at the pushout-prevention cart-containment system. This research focused on determining the noticeability of these small-area (zone 2) deterrent LP measures, offender perceptions, and how these measures affect offenders’ decisions of whether to steal from the store. Initially, offenders were asked to provide feedback on their perception of theft using self-checkout services. All offenders reported they shoplifted from self-checkout by scanning some but not other items. Five also indicated they switched labels, four tricked the scale, and three indicated other methods. More important is the proportion of shoplifters that noticed the security measures.
Ideate, Simulate, Test Please plan to visit our new Ideation and Simulation Lab (ISL) spaces and learn more about our latest initiative called LPRC INNOVATE led by Jordan Burchell, which is leveraging cutting-edge technologies and processes to help your organization get better now and in the future. We’re already working on new projects using the ISL design-thinking space, followed by mixed reality (VR, AR, video immersion) in our sim space. These places, especially when connected to actual stores and distribution centers, can speed up learnings about multiple design, technology, and people options without costly renovations.
Theft Using Self-Checkout Somewhat Difficult 9%
Very Difficult 4%
Engage with the LPRC Community
Very Easy 29%
We’re already way ahead of last year’s enrollment at this point for our annual LPRC IMPACT conference scheduled for September 30 to October 2 at the University of Florida. We strongly encourage you to consider participating in the annual event and to register soon to ensure you have a space. We’re featuring dozens of new, practical LP research results, Learning Lab breakouts, our brand new Ideation and Simulation Lab, cool networking receptions, and much more. Register at LPresearch.org/impact.
Neutral 29% Somewhat Easy 29%
Proportion of Offenders Who Noticed Security Measures 90%
83% 70%
67% 50%
54%
50%
46%
50%
30%
10%
33% 17% PVM at SCO Kiosks
Large PVM Above SCO
In-aisle PVM
Yes
In-aisle Signage
No
61 LP MAGAZINE
|
JULY–AUGUST 2019
SOLUTIONS SHOWCASE DETEX
Is Your Back Door Protected?
D
etex introduces a maximum security, multipoint lock so big and strong that it stands up to assault by the bad guys and reduces employee and customer theft. Exclusive to Detex, the ECL-230X-TDB is a heavy-duty, easy-to-install, three-bolt multipoint lock whose construction takes panic hardware to a whole new level of toughness and eases your back-door security worries about the bad guys peeling the bottom of your back door to gain entry. Built for maximum strength, it is designed with a larger deadbolt that goes deeper into the frame than other locks in the category. Connecting rods are solid steel, rather than the less reliable hollow rod and cable construction. Life safety and code compliant, the new Detex ECL-230X-TDB serves as both panic hardware and a maximum-strength locking device.
Three Locking Points Per Door The ECL-230X-TDB includes a photo-luminescent sign available in more than ten color and language combinations, 100-decibel alarm, and three locking points per door. Together, the three bolts withstand 16,000 pounds of pull force. ■ The top deadbolt is approximately 1” wide by 1/2” thick and provides additional stability to the top corner of the door. ■ The side deadbolt is 2-1/4” tall by 1/2” thick with a 1” throw that allows for 3/4” penetration into strike. Detex recommends flush installation for maximum security. With more than 1-1/2 square inches of bolt engagement, the side deadbolt provides superior defense against pulling and prying on the side of the door. ■ The bottom bolt is a 5/8” HEX bolt with 3/4” throw that engages the floor with 5/8” penetration to provide better attack resistance and superior defense against the “peeling up” of the bottom of the door.
Benefits and Customization
For Even Stronger Security Add suffix DX3 (ECL-230X-TDB-DX3) for six locking points for even stronger security to provide an additional line of defense against break-ins. Even if the exterior door hinges are compromised, the DX bolts keep the door locked and secure. These passive deadbolts are easy to install and offer another layer of attack resistance. Through-bolt mounting installation improves the door’s holding strength. You choose the right application and level of protection by choosing one, two, or three bolts for a total of four, five, or six locking points. Other 230X models include: ■ ECL-230X (dead bolt only) ■ ECL-230X-W (weatherized dead bolt) ■ ECL-230X-TB (top and bottom bolt) ■ ECL-230X-W-TB (weatherized top and bottom bolt) ■ ECL-230X-TD (top and dead bolt) ■ ECL-230X-W-TD (weatherized top and dead bolt) ■ ECL-230X-W-TDB (weatherized top bolt, dead bolt, and bottom bolt)
62
JULY–AUGUST 2019
|
Additional benefits include: Corrosion-resistant alloy lock body. ■ Surface/flush reversible strike. ■ Durable photo-luminescent sign absorbs light, then “glows in the dark” when lights are dimmed. ■ Non-handed. ■ Resetting the alarm can only be accomplished with a control key. ■ Locking and unlocking the dead bolt always arms and disarms the alarm. ■ Accepts 5-pin through 7-pin standard and interchangeable core rim cylinders without using a cylinder collar. ■ Optional inside pull handle. Almost all hardware and accessories can be customized with different finishes, colors, sizes, and more. Ask your Detex representative how this new generation of life safety and security hardware can make a powerful difference at your back door. For more than a century, Detex has earned the trust of architects and owners who rely on Detex products for the life safety and security of people and property. A US-based company, Detex designs, manufactures, markets, and ships products from New Braunfels, Texas. Detex is known internationally for life safety and security door hardware, loss prevention and architectural hardware, integrated door security systems, and guard tour verification. Visit Detex’s website at www.detex.com/lp or call 800-729-3839. ■
LOSSPREVENTIONMEDIA.COM
SOLUTIONS SHOWCASE SENSORMATIC
Which Electronic Article Surveillance Technology Is Your Best Defense against Shrink? AM, RF, or RFID?
R
etail crime remains one of the most serious threats facing the retail industry. Shrink, otherwise known as a reduction in inventory due to shoplifting, employee theft, or other errors, significantly impacts a retailer’s bottom line—to the tune of nearly $100 billion annually in direct losses worldwide. Regardless of where retail operations are located, shrink is a universal foe. That’s why retailers need to know what electronic article surveillance (EAS) technologies are in the tool box to win. EAS is an important defense against the rise of casual and organized retail theft. Traditional approaches to help solve retailers’ shrink challenges include acousto-magnetic (AM) and radio-frequency (RF) technologies developed for EAS. Retailers are also leveraging radio-frequency identification (RFID) technology for loss prevention. When it comes to protecting the bottom line, retailers need to understand and overcome the complexities of implementing an EAS system optimized for their product range, store layouts, and business goals. The strengths and weaknesses of each approach depends on its underlying technology, in particular on the frequency and frequency band used to detect anti-theft tags and labels. No single technology will meet the requirements of every retailer. But whether a retailer wants to implement traditional EAS or apply RFID technology to EAS, options are available for retailers to explore their benefits and limitations in order to decide which can best meet their loss prevention goals.
per second (58 kHz) in a tight band of just ± 600 Hz, or ± 1 percent. AM systems are “one-bit,” that is, detecting tags designed to resonate at this frequency but send no additional information. Radio frequency technologies pulse at 8,200,000 Hz (8.2 MHz, more than 140 times the AM frequency). The frequency band is wider: ± 1MHz, or >12 percent. Like AM, RF detects only the presence of a resonating tag. Radio-frequency identification technology originally was developed for military and space applications and the EPC Generation 2 UHF RFID standard is used for store EPC inventory visibility in fashion retailing. Operating at an ultra-high frequency from 902 to 928 MHz in North America or 865.6 to 867.6 MHz in Europe, RFID operates at more than 100 times higher than RF, using a much narrower frequency band—about two-tenths of 1 percent. Unlike AM and RF, RFID is a true communications technology—the RFID tag responds to communication from the RFID reader with data that include SKU and other product-related information, not just confirmation of its presence. Although, technically, RF and RFID both use radio frequencies, they are very different technologies and behave differently in every respect.
The Technical Explanation All EAS technologies rely on electronic communication between a controller (or reader) that sends an electromagnetic signal and a tag to which it responds. The range, noise immunity, ability to carry information, and resistance to countermeasures determine the effectiveness of a technology, and these factors all depend on the frequency used to create the link. Acousto-magnetic technologies send out pulses at a low frequency of 58,000 cycles
63 LP MAGAZINE
|
JULY–AUGUST 2019
SOLUTIONS SHOWCASE
Retail Shrink Is a Universal Foe. Which EAS Anti-Theft Technology Works Best For You?
■ ■
Global retail theft cost nearly $100 billion last year 34 percent from shoplifting alone. From big box chains to tiny boutiques, retailers use electronic article surveillance (EAS) systems to reduce shoplifting and protect profits. Acousto-magnetic (AM), radio frequency (RF), and radio frequency identification (RFID) EAS systems are options available to most effectively meet retailers’ needs.
Radio Frequency (RF) ■ Broad range of hard tags, along with flat-profile labels ideal for packaged goods with flexible application options ■ Performance degrades on liquids, metals, and products with foil packaging; not immune to body shielding ■ Labels cannot be reactivated Radio Frequency Identification (RFID) ■ Broad range of swing tickets, labels, and hard tags suitable for multiple merchandise categories ■ Performance degrades on liquids, metals, and foil packaging; not immune to body shielding ■ Tags and labels can be reused; item-level data can be encoded for inventory intelligence solutions
Global retail theft cost nearly
$100
34%
billion
shoplifting alone
last year
Works well on liquids, metals, and products with foil packaging; immune to body shielding Labels can be reused and reactivated
OTHER CONSIDERATIONS Acousto-Magnetic (AM) ■ Custom integration of deactivation with various barcode scanners ■ Connectivity to Shrink Management as a Service (SMaaS) reporting platform for data analytics and remote equipment management ■ Select systems are RFID ready for migration to item-level intelligence
Choosing the Best Technology for Your Business STOREFRONT Acousto-Magnetic (AM) ■ Wide detection coverage; pedestals, concealed, or discreet options ■ Highly immune to spurious signals common to store environments; fewer nuisance alarms ■ Maximized floor selling space with minimal restrictions on placement of tagged merchandise
Radio Frequency (RF) ■ Easy integration of deactivation into “EAS-ready” barcode scanners ■ Connectivity to Shrink Management as a Service (SMaaS) reporting platform for data analytics and remote equipment monitoring ■ Select systems are RFID ready for migration to item-level intelligence
Radio Frequency (RF) ■ Wide detection coverage; pedestals and discreet options ■ Vulnerable to nuisance alarms caused by electrical interferences from common store sources ■ Susceptible to interference from metal doors or edging; some reduction to selling space
Radio Frequency Identification (RFID) ■ Integration with POS and inventory management solutions for item-level visibility ■ Connectivity to TrueVUE platform for inventory intelligence and shrink visibility ■ Migration path to RFID item-level inventory data
Radio Frequency Identification (RFID) ■ Wide detection coverage; overhead, pedestals, concealed, or discreet options ■ Unaffected by spurious signals common to store environments; fewer nuisance alarms ■ Designated storefront tag-free zone reduces nuisance alarms; some impact to selling space
Sensormatic offers RFID, AM, and now RF. Download the full white paper at sensormatic.com/lp0619.
MERCHANDISE CATEGORIES TO PROTECT Acousto-Magnetic (AM) ■ Range of hard tags and robust labels to protect wide array of merchandise categories
64
JULY–AUGUST 2019
|
LOSSPREVENTIONMEDIA.COM
LOSSPREVENTIONMEDIA.COM
By Loss Prevention Media Staff
Two Surveys Report US Shrink Increase
The magazine website, LossPreventionMedia.com, offers readers daily breaking news, industry surveys, videos, press releases, case studies, and original articles from LPM writers and loss prevention contributors. The website is updated daily with the latest information included in our daily e-newsletter. Sign up at LossPreventionMedia.com/subscribe for free to add your email address to receive our newsletter and other digital offerings. This column highlights some of the content readers will find on the magazine website and newsletter.
2019 National Retail Security Survey Finds Increase in Shrink Theft, fraud, and losses from retail shrink totaled $50.6 billion in 2018, up from $46.8 billion the year before, as industry security executives said there is a growing overlap 2019 between loss prevention and cyber-security efforts, according to the annual SECURITY SURVEY National Retail Security Survey (NRSS) released in June by the National Retail Federation (NRF) and the University of Florida. “We are seeing dramatic changes in the risks faced by retailers, and loss prevention practices and priorities are evolving to meet those challenges,” NRF Vice President for Loss Prevention Bob Moraca said. “As criminals find new ways to steal, loss prevention teams are finding new ways to stop them. Increasingly, this is a battle focused on technology.” According to the report, shrink averaged 1.38 percent of sales during 2018, up slightly from 1.33 percent in 2017, but has held steady around 1.4 percent over the past few years. With the percentage largely unchanged, the increase in the dollar amount is due primarily to growth in retail sales. The largest losses per incident came from robberies at an average $2,885.15 (down from $4,237.02 in 2017), followed by employee theft at $1,264.10 (up from $1,203.16), and shoplifting/organized retail crime (ORC) at $546.67 (up from $543.28). Robberies are comparatively rare, however, while shoplifting/ORC and employee theft together typically account for about two-thirds of shrink
national retail
66
JULY–AUGUST 2019
|
each year, with most of the remainder coming from vendor or paperwork errors. While 43 percent of those surveyed said the largest increase in fraud is occurring in stores, 30 percent said it is happening online, and 22 percent said it is coming in multichannel sales, such as those where the purchase is made online but the merchandise is picked up in store. Of challenges that have grown in priority for LP teams over the past five years, cyber-related incidents are the top issue, according to 68 percent of those surveyed, while 65 percent also pointed to e-commerce crimes, and another 51 percent cited return fraud, including incidents involving
“We are seeing dramatic changes in the risks faced by retailers, and loss prevention practices and priorities are evolving to meet those challenges. As criminals find new ways to steal, loss prevention teams are finding new ways to stop them. Increasingly, this is a battle focused on technology.” - Bob Moraca, NRF purchases made online but picked up in stores. ORC was cited by 65 percent, and internal theft by 60 percent. A total of 89 percent said there is increasing overlap between retail loss prevention teams and cyber-security teams, but only 30 percent of LP executives said they were regularly involved in cyber-security issues. Most of the time, LP is brought in after the fact on cyber issues, with 60 continued on page 68
LOSSPREVENTIONMEDIA.COM
PRODUCT SHOWCASE
THE EVOLUTION OF LP TO SUPPLY CHAIN 7PSOLUTIONS HAS YOU PROTECTED AT HOME AND AROUND THE WORLD.
www.7Pgps.com
The Nation’s Leader in Off Duty Law Enforcement Providing Security for Businesses in the U.S. & Canada
• Only Active, Certified, Skilled • • • •
Police Officers Extensive Liability & Workers’ Compensation Coverage In-House Accounting and Operation Departments One Invoice/Month Officers Rapidly On-site, U.S. and Canada
(877) OFF-DUTY www.offdutyservices.com
Visit Us at Booth #800
67 LP MAGAZINE
|
JULY–AUGUST 2019
continued from page 66
■
percent saying they are called in for incident response with only 26 percent involved in threat analysis. LP executives are preparing for increased involvement in cyber issues, with 62 percent seeking analytical skills in new hires and 40 percent seeking cyber-security skills. “These are changing times in retail, and that means changes in loss prevention,” said University of Florida criminology professor Richard Hollinger. “As always, the challenge is for the honest to stay ahead of the dishonest.” The survey of sixty-three loss prevention and asset protection executives from a variety of retail sectors was conducted February 27 through March 29. The study, which is a partnership between Hollinger and NRF and is sponsored by Appriss Retail, was released in early June just prior to the NRF PROTECT conference in Anaheim, California. A link to download the full report is available on the magazine website, LossPreventionMedia.com. Search “2019 NRSS.”
■
■ ■
■ ■
Retail Theft Cases “Soared” in 2018 According to Recent Hayes Survey Over 279,000 shoplifters and dishonest employees were apprehended in 2018 by just twenty large retailers who recovered over $114 million from these thieves, according to the 31st Annual Retail Theft Survey conducted by Jack L. Hayes International. “Theft case values soared in 2018 with the average shoplifting case value ($301.97) increasing 11.8 percent; the average dishonest employee case value ($1,361.37) increasing an amazing 30.1 percent; and the total average theft case value ($408.77) up 17.0 percent. While the retailers participating in this survey did not apprehend as many thieves as they did the previous year, they were recovering more dollars from the thieves they did apprehend,” said Mark R. Doyle, president of Jack L. Hayes International. “With the increase in Mark Doyle dollar recoveries, retail theft overall continues to be a serious problem for retailers negatively impacting their bottom line, which results in higher prices to consumers.” Highlights from this annual theft survey include: ■ Participants—Twenty large retail companies with 13,674 stores and over $330 billion in retail sales (2018). ■ Apprehensions—279,196 shoplifters and dishonest employees were apprehended in 2018, down 11.8 percent from 2017. ■ Recovery Dollars—Over $114 million was recovered from apprehended shoplifters and dishonest employees in 2018, up 3.2 percent from 2017.
68
JULY–AUGUST 2019
|
Shoplifter Apprehensions—251,051 shoplifters were apprehended in 2018, down 11.7 percent from 2017. Shoplifter Recovery Dollars—Over $75 million was recovered from apprehended shoplifters in 2018, a decrease of 1.4 percent from 2017. Employee Apprehensions—28,145 dishonest employees were apprehended in 2018, down 12.7 percent from 2017. Employee Recovery Dollars—Over $38 million was recovered from employee apprehensions in 2018, up 13.5 percent from 2017. Average Case Values—Total theft up 17 percent; shoplifting up 11.8 percent; dishonest employee up 30.1 percent. Shrink—55 percent of survey participants reported an increase in shrink in 2018, with 35 percent reporting a decrease in shrink, and another 10 percent reported shrink stayed about the same.
“Theft case values soared in 2018 with the average shoplifting case value ($301.97) increasing 11.8 percent; the average dishonest employee case value ($1,361.37) increasing an amazing 30.1 percent; and the total average theft case value ($408.77) up 17.0 percent." - Mark R. Doyle, Jack L. Hayes International Shoplifting The Hayes International report cites the following shoplifting issues. Reduced Customer Service Due to Fewer Sales Associates on Floor. Fewer sales associates on the sales floor provides shoplifters with the privacy they want/need to commit their acts of theft. Unfortunately, more retailers are becoming self-service, instead of customer service focused. Shoplifting Felony Thresholds Increasing. There are currently twenty-nine states with a felony threshold for shoplifting/larceny of $1,000 or higher. Shoplifting cases less than these high-dollar thresholds result in a misdemeanor offense only, meaning less police assistance and little if any punishment. Thieves view shoplifting as a high-reward, low-risk endeavor. Stolen Merchandise is Easy to Sell to Larger Audiences. Many thieves have found that selling their stolen items through various online auction sites or returning their stolen goods for a merchandise credit or gift card (which they sell to a second party) results in quicker sales and much higher prices than the traditional selling of items on the street or at a local flea market.
LOSSPREVENTIONMEDIA.COM
CALENDAR Organized Retail Crime (ORC) Continues to Increase. Losses from ORC are reported to be over $30 billion annually, with almost 100 percent of retailers acknowledging they have been a victim of ORC activity in the past twelve months. These thieves work diligently to commit their theft of popular items such as over-the-counter medicines, razors, batteries, tools, cell phones, and designer clothing. It is common for them to work in teams, employ distraction techniques, and use booster-bags to circumvent anti-shoplifting systems. Employee Theft The following employee theft issues were cited in the recent report. Less Effective or Reduced Pre-Employment Screening Requirements. More restrictions on various types of pre-employment screening has resulted in the hiring of less-than-desirable associates. In addition, some retailers have reduced their pre-screening requirements in an effort to save money and staff locations more quickly. Less Supervision of Associates and Fewer Associates. Overall opportunities for dishonest associates to commit acts of theft/abuse with less chance of detection has increased with reductions in staff and supervisors. Stolen Merchandise Is Easy to Sell to Larger Audiences. Dishonest employees have found that selling stolen items through various online auction sites or having a friend or family member return the stolen goods for a merchandise credit or gift card (which they sell to a second party) results in quicker sales and much higher prices. A General Decline in Honesty. On a regular basis we hear of business, government, law enforcement, celebrities, sports figures, and even church leaders being caught up in questionable activities. Such events make it easier for “borderline” employees to rationalize their theft acts. A link to the full report is available on the magazine website, LossPreventionMedia.com. Search “2018 Hayes survey.”
July 16, 2019 Cyber Security Summit: DC Metro Ritz-Carlton, Tysons Corner McLean, VA cybersecuritysummit.com July 18, 2019 Cyber Security Summit: Seattle Sheraton Grand Seattle (WA) cybersecuritysummit.com August 4–7, 2019 Restaurant Loss Prevention & Security Association RLPSA Annual Conference Renaissance Downtown Nashville (TN) rlpsaannualconference.com August 12–15, 2019 Axis Retail Leadership Forum Westin Bellevue Hotel Seattle, WA axis-communications.com/arlf2019 August 22, 2019 GROC Retail Crime Conference Cobb Galleria Atlanta, GA georgiaroc.org August 27, 2019 Cyber Security Summit: Chicago Hyatt Recency Chicago (IL) cybersecuritysummit.com September 8–12, 2019 ASIS International GSX Global Security Exchange McCormick Place Chicago (IL) gsx.org September 10–11, 2019 North American Supply Chain Executive Summit The Westin Chicago (IL) North Shore sci-summit.com September 24, 2019 Retail Council of Canada RETAIL SECURE 2019 International Centre Mississauga, ON rcclpconference.ca September 25, 2019 Cyber Security Summit: Charlotte The Westin Charlotte (NC) cybersecuritysummit.com September 30–October 2, 2019 Loss Prevention Research Council IMPACT 2019 University of Florida, Gainesville lpresearch.org/impact
October 10, 2019 Cyber Security Summit: New York Grand Hyatt New York cybersummitusa.com October 17, 2019 Cyber Security Summit: Scottsdale Hilton Scottsdale (AZ) Resort & Villas cybersummitusa.com October 21–23, 2019 Consumer Returns Management 2019 Hyatt Regency Austin (TX) consumerreturns.wbresearch.com October 23–25, 2019 LP Magazine Annual Meeting The Westin Hilton Head Island (SC) meeting@lpportal.com October 24, 2019 Carolinas Organized Retail Crime Alliance 2019 CORCA Conference Embassy Suites Hotel, Concord (NC) corca.org October 28–31, 2019 Coalition of Law Enforcement and Retail CLEAR 10th Annual Training Conference Bahia Resort Hotel, San Diego (CA) clearusa.org November 5–7, 2019 Florida Law Enforcement Property Recovery Unit FLEPRU Training Conference Rosen Plaza Hotel, Orlando (FL) flepru.org November 6, 2019 Cyber Security Summit: Boston The Westin Copley Place, Boston (MA) cybersummitusa.com November 21, 2019 Cyber Security Summit: Houston The Westin Houston (TX) Memorial City cybersummitusa.com December 5, 2019 Cyber Security Summit: Los Angeles The Beverly Hills (CA) Hilton cybersummitusa.com January 11–14, 2020 NRF 2020 Vision Retail's Big Show Jacob Javits Convention Center New York City nrfbigshow.nrf.com
69 LP MAGAZINE
|
JULY–AUGUST 2019
PEOPLE ON THE MOVE Timothy Hall, LPC was
Robert Moore has been
Maralyn Allen is now a
Xavier Rogers is now a
promoted to director of AP and Tony Dueñez is now supervisor, corporate investigations at 7-Eleven.
named director of marketing, Americas at Axis Communications.
regional LP manager at DHL Parcel (UK).
regional LP manager at GUESS.
Devin Saunders was promoted
Jack Dye was named senior
Aaron Wade is now an area
Epi Suarez is now a
LP supervisor at Beall’s.
LP investigator at Goodwill of the Finger Lakes.
regional AP manager at 99 Cents Only Stores.
Michael Zambrano was
to regional LP manager, and Brad Krings is now a national account executive at DTiQ.
promoted to profit protection senior manager at Best Buy.
Brandy Sluss is now an LP
now director of AP at Goodwill Industries of Southeast Georgia.
Brandon Hisey is now an LP
been promoted to VP of AP, and Jon Williams, TJ Rosenberg, and Dale Smith were named managing directors, awareness and communications practice for EPIC Risk Consulting.
Bob Kupbens was named
president, innovation and new business at ADT. Amazon announced the following promotions: David Rozhon, LPC to environmental, health and safety manager; Joshua Olsen and Antonio Van Hise, LPC to program managers; Henry Johnson, LPC, CFI to senior manager, logistics LP; Jeffrey Mortensen, PMP, LSSBB to senior program manager, launch operations, web services; Aaron Leger, LPC and David Zwernemann, CFI to senior regional LP managers; Tim Juback MBA, Barney Molnar, LPC, John White, BS, LPC, and John McCourt to regional LP managers; Carl Rice to EMEA Investigations Manager (UK); Dominik Schwarzbacher (Spain), Florian Schwarz, MBA (Germany), Benjamin Konzag (Germany), and Caglar Ari, CFI (Germany)
to cluster managers of security and LP; and Douglas Del Campo, LPC to regional LP manager (global specialty fulfillment). Crissy Sharpe, CFE is now senior fraud manager of global fraud prevention, accounts payable, and finance operations. Christopher Drayton Ellison
was promoted to safety compliance officer at America’s Thrift Stores. Kelsey Seidler is now content
strategist at American City Business Journals. Juan Rodriguez was
promoted to retail AP manager (all retail stores) at American Girl Retail. Steve Prebble has been
Dennis Lonergan has
district manager at Bi-Mart. Christopher Joyce, CORCI is
now an area LP supervisor, and Chris Dickman is now a district LP manager at Burlington Stores.
Iain Harris was named
Walter Palmer was named
senior profit protection manager at European Midway Attractions (UK).
executive vice president at CAP Index. Carolina Donneys is now
Daniel Kaiser, Jr., MS, LPC, CFE was promoted to LP
a district LP manager at Charlotte Russe.
inquiries and analysis manager at The Exchange.
Frank Panebianco was
promoted to VP sales ICS, NA at Checkpoint Systems.
Jason N. Jones was promoted
to global security manager, security operations center, and Jennykirstina Astrup is now a member of the global security team at Facebook.
Gary Monteleone is now
a LP supervisor (Arizona region) at Circle K. Michael Segreto is now
Dyan Clancy is now executive
corporate fraud prevention manager at City Furniture.
sales director at FaceFirst Face Recognition Software.
Stephen Kemp is now audit,
Todd Luginbill was promoted
security, and LP manager at City Plumbing (UK).
to director, AP distribution centers, Daniel Coccoli was named inventory accounting director, Jake Sawyer, CFI is now a regional LP manager, and Bradley Nichols, LPC and Cornelius Miree are now market investigators at Family Dollar.
Christopher Perry, CFI (Legacy)
was promoted to senior corporate AP manager at CKE Restaurants. Damien Barne was
promoted to group head of profit protection at Compass Group (UK).
Vic DeBlassi was named
coordinator at Harris Teeter. Jen Paladino was made
regional LP manager at Holt Renfrew. The Home Depot announced the following promotions: Thomas Hacker to director of visual merchandising; Denver Culpepper to manager of investigative analytics; Stephen Prettyman, Benjamin Schwartz, and Chris Carrillo to corporate managers of investigations; Sean Browne to corporate manager, ORC–northern division; Kyle Penoyer and Kelly Harrington to senior managers of AP investigations; and John Lee and Tom Hare to ORC investigators. Sharon Allen is now a multistore AP manager. Kim Carl and Nathan Iniguez are now district LP
managers at HomeGoods. Brent Peters was named
regional LP specialist at HS Brands Global. Elizabeth Bolton is now
a risk and compliance agent at IKEA Group. Jeff Larimer and Stephen Fullilove are area AP
a regional LP manager at Finish Line.
managers at JCPenney.
Corey Freeman, CFI is
Doreen Pavese MA, CFI
promoted to district LP manager at Kohl’s.
now director of LP at Cosentino’s Food Stores.
is now a regional AP manager at Follett.
John Liesching was promoted
Monty Whitlow is now
to VP, asset analytics and insights, and Jim Mansour is now a district AP leader at CVS Health.
corporate manager, risk management, and LP at FullSpeed Automotive.
promoted to director of AP (western division) at Ascena Retail Group.
Steven Bedi was named
director of AP at The Decurion Corporation.
Andrew Crosby, CFI is now
Jordan Shelest is now AP
director of loss control and compliance at Astreya.
and compliance manager at Delta 9 Cannabis.
Mike Giblin is now senior
Dave Harben, CFI was
Thomas Torain is now an AP
of finance at ControlTek.
Balbir Tulshi was named VP
Gap Inc. announced the following promotions: John Lanzon and Dennis Lamborn to regional LP managers, and Elizabeth Spoden to cross-brand multi-unit LP manager.
named president at Appriss Retail.
70
specialist at EG America.
Chris Hopkins, LPC is
Phil DeGorter is now
director of LP at CWG.
JULY–AUGUST 2019
principal, research (marketing) at Gartner.
|
LOSSPREVENTIONMEDIA.COM
David Sandoval was
Britt Davidson, CFI, LPC was
promoted to director of risk management at Kum & Go. Anthony Ricci, Daniel Perkins, and Zak Brownlee, CFI, LPC, CFE are now regional AP
managers at L Brands. Jason Tumack was promoted
to director of AP, discount division, and Kyle Botha is now a district LP manager at Loblaw Companies. Anthony Hyberger was
made a district LP manager at Loomis.
Moises Rosario, MA is
Daniel Turno, LPQ is now
Dan Nesselroth, CFI, PCI
now president, and Yazmine Ramos is now VP at the LP Organization of the Caribbean.
a district LP manager at Ollie’s Bargain Outlet.
was promoted to senior investigator, corporate security at Sony Electronics.
Amanda McHenry was
promoted to regional AP, operations, and safety director, and Jacqueline Schloss is now a market ORC manager at Lowe’s. Jason Davies, CFI, CORCI, SMIA is now director of ORC
and central investigations; Tobbie West was promoted to regional director, AP programs; and Chase Seitz and Kevin Uhe, CFI were promoted to district directors of operations and AP at Macy’s. Lauren Wetmore, CFE is now
a senior analyst at Marcus by Goldman Sachs. Collin Davis was
made a market AP manager at Meijer. Azikiwe Burns is now an
area LP manager at The Michaels Companies. Gerard Fredo was promoted
to senior retail security manager at Microsoft. Alexandra Clayton was
promoted to LP manager, retail projects, and Philip Davey was promoted to regional shrink specialist at Morrisons (UK).
Ken English, LPC is now senior
dispute resolutions at Varo Money Inc. Erik Van Herik, CFI is now senior
to group manager, corporate AP at Stage Stores.
analyst, risk management, and James Stanek is now senior corporate security investigator at Verizon.
to country security manager at Philip Morris International (Pakistan).
Briana Robinson was
Kersonder Williams was
promoted to district AP manager at Stein Mart.
made area AP manager at Victoria’s Secret.
James Stark was promoted
Jeremy Greenleaf is now
Lauren Linsenbach is now
to VP of LP and risk management at Pier 1.
director of AP at StockX.
regional AP manager at Victra–Verizon.
internal theft and fraud investigator at PetSmart.
Bryan LeFebvre was promoted
Malik Zaheer was promoted
Richard Moore was promoted to senior director of LP at Talbots.
Elizabeth Rush, LPC was
promoted to divisional LP manager at Publix Super Markets.
Alexander Ocasio is now
a regional AP manager at TBC Corporation.
Elric Henderson is now
divisional manager, security, and LP at Purolator International.
senior manager of AP, supply chain; Kevin Porter is now a multi-district AP leader; and Nick Ferris, LPC and Michael Ibarra, CFI were named AP district leaders at Rite Aid.
TJX Companies announced the following promotions: Joseph Rinker to senior ORC investigator, Kaitlyn Peabody to ORC investigator, Mario Barrientos to ORC associate investigator, Marmaxx National Task Force, and Philip Johnson to senior DC investigator. Kelley Lederer, LPC was named systems and investigations support manager, and Heather Andersen, Claudia Joya, Jeff Valentine, CFI, Sergio Castro, Kit Becker, Chris Franzen, Alicia Williams, Patrick Parris, Kevin Jones, Mario Barrientos, Sherell Burns, and Angela Schorah are now LP training specialists.
Courtney Meek was
Cameron Wilkinson was
Melissa Sharp Murdock
was named VP of communications and media relations at the Retail Industry Leaders Association. Will Devellis is now a
district LP manager at Rexall Pharmacy. Eric Sira was promoted to
Jonathan Dalton CFI, LPC
was named AP manager, solutions, and John McDonagh was promoted to training coordinator at Walgreens. Walmart announced the following promotions: Kyle Haynes to director of global investigations, technology investigations; Brian Lux to director, US corporate investigations; Gerald Corson III to senior director, Infosec; Bob Higgins, LPC to director, Intelligent Retail Lab; Amanda McClellan to global investigator III; Kyle Rodefer to distribution center area LP manager; and Ashley Wengrzyn-Phillips to market manager. Sara Mortimore was named VP, global food safety compliance, and Collin Reedy is now a global investigator, technology investigations. Chris Hinger, LPC is now
director of LP and corporate security at Warby Parker.
Jon Corcoran was promoted
promoted to associate director, LP operations, and Al Schmidt and Tim LePelley, CFI are now area LP managers at Ross Stores.
named district LP manager, and Amir Attaei was promoted to ORC investigator at TJX Canada/Winners.
Anthony Auciello, CFI was made senior regional AP manager at Whole Foods Market.
to head of safety and security at Netflix.
Sean Staron was promoted
Tyler Reitz was promoted to
Dave Thompson, CFI is now
analyst, ecommerce asset and profit protection at Transform SR Holding LLC.
a partner at WicklanderZulawski & Associates.
ULTA Beauty announced the following promotions: Curtis W. Leininger, LPC to director of LP (west division), Trent Pringle to project manager, Alaina Kring, CPhT to lead ORC manager, and Meghan Fechko to lead area LP manager.
promoted to director of AP at Wireless Vision.
Tim Purpura was promoted to
VP of sales and marketing at Morse Watchmans.
Brett Elliott is now head
to AP director at Saks Fifth Avenue Flagship.
of LP for warehouse and distribution at Next (UK).
Craig Cole is now an
Kendra Pryce, CFI was
promoted to senior director of global investigations, and Adam Oberdick, LPC was promoted to director, EMEA LP at Nike. Nordstrom made the following promotions: John Morris to national LP director, full price stores, and Mike Triesch to director of business resiliency and operations.
AP investigator at Selfridges (UK). Brian Connors is now director
of business development at Sennco Solutions. Joshua Beckler is now
a district LP manager at Sephora.
Casey Wright was promoted
David Collins, CFI, LPC was
promoted to director of LP, and Cliff Bennett, CFI was made a regional LP manager at Signet Jewelers.
to VP of operations at US Foods. John Mearls was promoted to
senior director of fraud operations and customer
Nicole Schmitt was
Raul Ramirez was named
senior manager of AP and safety at Yum! Brands. Paul Templeman, LPC is now
LP manager investigations, e-commerce, and compliance at Z Gallerie. Jaclyn Clarke is now
corporate investigator at Zurich North America.
To stay up-to-date on the latest career moves as they happen, sign up for LP Insider, the magazine’s daily e-newsletter, or visit the Professional Development page on the magazine’s website, LossPreventionMedia.com. Information for People on the Move is provided by the Loss Prevention Foundation, Loss Prevention Recruiters, Jennings Executive Recruiting, and readers like you. To inform us of a promotion or new hire, email us at peopleonthemove@LPportal.com.
71 LP MAGAZINE
|
JULY–AUGUST 2019
ADVERTISERS 3SI....................................................................39 3si.com 7PSolutions ....................................................67 7pgps.com AFA ..................................................................67 afap.com Amphion..........................................................25 amphion.biz Appriss Retail ..................................................5 apprissretail.com BlueWave Technologies..............................45 bluwavetek.com Bosch ..............................................................33 bit.ly/boschsolutionsforretail
LOSS PREVENTION MAGAZINE
Loss Prevention magazine is available free to loss prevention and retail professionals throughout the US and Canada. There’s no excuse for anyone interested in keeping up with the LP industry to not get the magazine.
To sign up for a free subscription, go to LPMsubscription.com. It’s simple. Takes only a minute. Or fax the completed form below to 714-226-9733.
International Subscription. LP professionals outside the US and Canada can either read the digital magazine free or receive the print version for $99 per year. Contact circulation@LPportal.com to purchase an international subscription.
❍■■Yes, I would like to receive/continue to
❍■■Yes, I would also like to receive/continue to
Checkpoint .....................................................21 checkpointsystems.com
receive Loss Prevention FREE of charge. ❍ No thanks.
CONTROLTEK ...................................................1 controltekusa.com
Please fill out completely:
Cyber Security Summit ................................49 cybersummitusa.com
Telephone _________________________________________________________________________________
receive your e-newsletter FREE of charge.
❍ No thanks.
Signature __________________________________________________________ Date __________________
Detex .................................................................7 detex.com/sneak8
Fax _______________________________________________________________________________________
DTiQ ...................................................................2 dtiq.com/lpm
First_________________________ Middle______________________Last_____________________________
Envysion..........................................................19 envysion.com HID Global ......................................................55 hidglobal.com/crossmatch InstaKey Security Systems .........................35 info.instakey.com/remotelock-lpm
Email______________________________________________________________________________________
Title _______________________________________________________________________________________ Company __________________________________________________________________________________ Address1 __________________________________________________________________________________ Address2 __________________________________________________________________________________ City _______________________________________________________________________________________
❍ USA ❍ Canada You must answer both questions to receive Loss Prevention magazine.
JVCKENWOOD ..............................................23 kenwood.com/usa
State/Province_________________ Zip/Postal Code ___________________Country
Loss Prevention Foundation..................27, 37 losspreventionfoundation.org
1. What is your company’s primary business? (Check one only) Retail ❍ (A) Department store/mass merchandiser ❍ (B) Discount/wholesale club/outlet/
LPjobs..............................................................65 lpjobs.com LPM Media Group...........................................9 lpmmediagroup.com lpPRO...............................................................59 lppro.com Off Duty Services ..........................................67 offdutyservices.com
off-price jewelry/sporting goods ❍ (D) Home center/hardware/appliances/
furniture
RCC Retail Secure 2019 ...............................40 rcclpconference.ca
❍ (G) Grocery/supermarket/
Security Resources ......................................75 securityresources.net
❍ (H) Restaurant/hospitality/
siffron ..............................................................36 siffron.com
❍ (X) Other retailer ____________________
Sensormatic...................................................76 sensormaticsolutions.com/infuzionlp
Non-Retail ❍ (N) Consulting/integrator ❍ (P) Product manufacturer ❍ (R) Services/outsourcing ❍ (S) Law enforcement/government/military ❍ (T) Education/library/media ❍ (Z) Other non-retail ________________
music/books convenience store entertainment
JULY–AUGUST 2019
❍ (12) DC/logistics/supply chain
manager ❍ (19) Other LP manager
_______________________________
Protos Security................................................3 protossecurity.com
Wicklander-Zulawski ...................................13 w-z.com
2. What is the primary focus of your job? (Check one only) Retail Loss Prevention/Security ❍ (10) Corporate/regional/district manager ❍ (11) Store LP manger/investigator/
associate
❍ (C) Specialty apparel/footwear/gifts/
❍ (E) Drug store/pharmacy/vitamins ❍ (F) Office supplies/electronics/videos/
ThinkLP ...........................................................67 thinklp.com
72
Subscribe for Free
|
LOSSPREVENTIONMEDIA.COM
Other Retail ❍ (20) Corporate operations/store manager ❍ (21) Finance/HR/legal/IT/training manager ❍ (29) Other retail manager
_______________________________ Non-Retail ❍ (30) Vendor executive/owner/
manager ❍ (31) Consultant ❍ (32) Sales/marketing manager ❍ (33) Police officer/active military ❍ (34) Educator/student/librarian ❍ (39) Other non-retail manager
_______________________________ Fax to 714-226-9733
VENDOR SPONSORS
OUTSMART CRIME
VENDOR ADVISORY BOARD 3SI Security Systems Dan Reynolds Vice President, Retail Sales
BlueWave Technologies DJ Carr Inventor/Founder/CEO
Detex Ken Kuehler General Manager
Security Resources Britney Ryan Director of Client Relations
ADT Commercial Rex Gillette Vice President of Sales
CAP Index Stephen B. Longo Vice President, Strategic Initiatives
DTiQ Steven May President/CEO, LPI (retired)
Appriss Retail Tom Rittman Vice President, Marketing
Checkpoint Stuart Rosenthal Vice President Sales
InstaKey Security Systems Cita Doyle, LPQ Vice President, Sales & Marketing
Sensormatic Solutions Joan Sparks Director of Marketing, Vertical Leader for Americas
Axis Communications Hedgie Bartol, LPQ Business Development Manager, Retail
ClickIt Inc. Jim Paul Director of Sales
Protos Security Kris Vece, LPQ Vice President of Client Relations
ControlTek Steve Sell Vice President, Global Sales & Marketing
Siffron Robb Northrup Director of Marketing Communications & Support ThinkLP Rhett Asher Vice President, Strategy
73 LP MAGAZINE
|
JULY–AUGUST 2019
PARTING WORDS
I Am on Vacation J
Jim Lee, LPC Executive Editor
uly and August is the time for a vacation. I am either at the beach or mountains, on the golf course, reading a book, or watching television. I am not thinking about writing this column. But I need to fill up the back page, so here goes with some of my favorite thoughts that may or may not have appeared before in this column.
It is true that your whole career will be shaped by your surroundings, by the character of the people with whom you come in contact every day. But how do you know you are with the “right” people? I use a very simple rule—they make me feel good, positive, and upbeat, and I have no fear of what they might do in our relationship. I trust them.
In a perfect world, life would be fair. But that is not relevant given the reality that the world we live in is not always fair. You should expect things to go your way because you have that right, but when something happens in your life that you do not like, fairness has nothing to do with it. No one is guaranteed a life of health and constant happiness. We all know of books that tell us that bad things really do happen to good people. Bad things also happen to bad people. And what is worse yet, really good things happen to really bad people. Things and people you like and don’t like are all a part of being alive.
“One piece of advice that I believe will contribute more to making you a better leader, will provide you with greater happiness and self-esteem, and at the same time advance your career more than any other advice I can provide to you. And it doesn’t call for any certain chemistry. Any of you can do it. And that advice is that you must care.” Advice from US Army General Melvin Zais of the 101st Airborne.
Have you ever had to face major change in your personal or professional life? Did you feel fear? A “yes” answer means you are pretty normal and in the big basket with the rest of us. I have known many really tough people I could not imagine ever being fearful of any situation, but they are. Regardless of how tough or good you are, fear is natural. I suspect that if you aren’t feeling a little fear, you are probably playing it too safe, and that should be enough right there to scare you. L’audace, l’audace, toujours l’audace. Did I mention golf? Golf is a game of personal integrity and self-improvement. So much of what the loss prevention professional faces in his or her career also revolves around personal integrity and a commitment to self-improvement. The best vendor account manager I ever had was a person who was interested in my success and not just selling something. He would ask me now I was doing personally. He said “please” and “thank you.” He shared his company’s agenda and future product plans. He introduced me to others in his company, especially the bosses. He always returned my calls quickly and responded to my needs. The bottom line is there is often just a “dimes difference” in competitive products, but the little things can mean a lot in being the best.
JULY–AUGUST 2019
|
Growing up, my mother would sometimes say to my brother and me, “I am sick and tired of your behavior.” She put such emphasis on sick and tired that it was disturbing and frightening, and often led to some type of punishment. There were other occasions—not as many—where she would say, “I am pleased as punch with you two.” To this day I am not sure what punch had to do with anything, but I knew it was good stuff, and she was proud of us. There is much going on in our world of loss prevention and asset protection. For me, I am sick and tired of some of it, and I am pleased as punch with other things. Overall, I think I am more pleased as punch than sick and tired. That is a good feeling. Winston Churchill said, “We make a living by what we get, but we make a life by what we give.”
Have you ever wondered why some people just seem to get a lot of pats on the back? How do some people get a reputation for being a person who knows how to get things done? There are many LP executives who fit these descriptions. Hopefully you are one of them.
74
“Making a difference in someone else’s life can be as simple as a smile, lifting a hand to help, or lending an ear to listen, especially when it might be easier to ignore the opportunity. Each day is a new day and a new chance to use what you’ve worked for and been given to light someone else’s load. It’s never too late to choose to move beyond success to significance.” Thoughts from retired US Army General Becky Halstead.
Okay, I’m done. Back to vacation. I will see many of you at the upcoming Loss Prevention Foundation (LPF) Learning Day September 30th in Gainesville the day prior to the LPRC’s Impact conference or at the magazine annual meeting with RILA and LPF in beautiful Hilton Head Island, SC, October 23–25.
LOSSPREVENTIONMEDIA.COM
Blink and you’ll miss it.
The revolutionary Sensormatic InFuzion tag speeds POS activity with up to a 54% decrease in detach time*. This patented, one-piece, defeat-resistant tag, features an integrated pin and speeds POS activity with quick tag removal. A simple button push makes attaching just as easy. The integrated pin design helps eliminate the cost of replacing lost or broken pins, and there is no need to sort or store separate pins and tags. In addition, the new, thinner pin makes InFuzion tags safer for fine garments, such as baby clothes and delicate women’s apparel. It’s even available in AM or RF technology, so it’s compatible with many different loss prevention systems. Visit SensormaticSolutions.com/InfuzionLP for more information. IN FUZ IO N MAG N ETI C TAG
INFU ZION SU P ERTA G
*Tag application and removal times are based on a usability study conducted by a third party (US ergo, 2018) using Sensormatic 2-piece tags and Sensormatic InFuzion series tags. Actual labor and cost savings may vary. © 2019 Johnson Controls. All Rights Reserved. Tyco Retail Solutions, Sensormatic, TrueVue and ShopperTrak are marks and/or registered trademarks. Unauthorized use is strictly prohibited. All other marks are the property of their respective owners.